To have session cookies last longer than until the browser is closed is useful in many cases. For example that uses do not have to log on every time they come to a site that is some kind of web service.

The cookie set by session should respect what is contained in the session "timeout" parameter, so for example

 web.config.session_parameters['timeout'] = (60 * 60 * 24 * 365 * 5)

should make cookies lasting for 5 years.

Otherwise, one would have to manually replicate the complete session system.

Google Groups thread about it here: http://groups.google.com/group/webpy/browse_thread/thread/cd88e2f13947223b