I respectfully disagree - again.
That's not the way it works - in other sites with which I am familiar - nor here. The logged in state is in a cookie on your computer and is reset to +30mins with every HTML action you take AND +20mins with every 'AutoSave' within an open Reply pane - [ credit for both of these discoveries goes to tt2 ]
The servers hold:
- Content = just sitting there waiting, like a hammer and nails, inanimate
- Static web pages - most all of Apple.com 'marketing' - no login AT ALL
- A HUGE directory of threads (likely mere data containers)
e.g., this one = discussions.apple.com/thread/7056687
- A HUGE-er directory of messages (also likely mere data containers)
your post to which I reply = discussions.apple.com/message/28306504
- a Database with Apple ID stuff in the tables - too numerous to enumerate - but also static - no load just space
The servers are going to be open anyway, requests or not - and do indeed have combined capacity, both in storage and memory -
The server Software is a another story entirely - in this case JiveSoftware. I submit that in its unaltered form, it runs huge enterprise collaborative communities that dwarf ASC's load. I could be wrong (and often am), but if the server load explanation is true, it is because the Apple-JiveWare is altered so (dumbed down) that it no longer resembles its original self - Frankenstein's Monster?
An internet server has open ports for Web services - like a door that is wide open, but only wide enough for one person to enter... if a bunch of folks want to go IN, they merely wait in line. If the to door is "busy", the browser is told that and tries again at intervals until it is "your turn" - maybe more like a "Deli Counter"? but VERY fast and VERY BRIEF nonetheless
Again, ASC cannot account for a bazillion request/response transactions per second - the JiveWare 'management' console knows simultaneous visitors (logged and guests) at any given moment for sure.
When you weigh the three factors discussed - load, SPAM & security liability - security seems to take the prize.
BTW, I am not a big fan of "Helmet Laws"... culling the herd and all. 😉 But if they didn't do these security things, they would get sued - not saying they would lose, just have to answer.
Think of the login timeout as part of the toolbox of other measures - most notably iOS device passcode "Black screen message" - I'll bet there are a bunch of 'party-ers' that have come up against that one!
I said I didn't wanna open the can of worms again, but alas, we did it anyway!
Actually, the added steps required to login using the "idmsa" subdomain's routines are what actually seems slow and demanding in my experience