Forum OpenACS Q&A: Response to Cookie Expiration Recommendations

Posted by David Walker on
2 cookies are used.  The persistent cookie and the session cookie.  The
session cookie is lost when you close your browser and on subsequent visits
the persistent cookie makes it possible to get a session cookie without
logging in.

So the reverse is true also.  Remove the ability to set the persistent cookie
and a browser will lose the session cookie when closed and require a login to
re-enter the site.