Michael Bernstein wrote:
While I was aware of HTTP basic auth's limitations, and the <dtml-raise Unauthorized> fix, this was the first time I'd heard of any proposed extensions/replacements. can you point to any projects/proposals in this regard?
The method you're looking for is Digest authentication, RFC 2069: http://andrew2.andrew.cmu.edu/rfc/rfc2069.html
If support for an improvment could be folded into Apache, Zserver, and Mozilla, that might put enough pressure on other companies to support it too.
Yes. As three open source projects, they would be prime candidates for extending authentication. Particularly considering that Mozilla is going to be the "next generation" of zope IDE, it makes perfect sense to bring it to Mozilla. It's my understanding that Digest authentication would allow you to use kerberos for authorizing web clients, just like any other service. I could be wrong on that one. -- ethan mindlace fremen mindlace@imeme.net zope -&- imap email -&- mailing list weave your web with the web at http://imeme.net