Hannu Krosing wrote:
(snip)
I want to make the management screens available through HTTPS only (to protect the innocent from revealing their passwords to sniffers), and I quess it would be trivial by adding something like
<!--#unless HTTPS--><!--#raise "Not Found"--><!--#unless-->
in a few places, but I have'nt been able to find the right places yet.
Is it possible using the management interface, or do I have to access the BoboBase directly?
Or would it be better to hack the UserDB and add a special flag to users who may authenticate through HTTPS only ?
IMO, this is the right way to solve this problem. Jim -- Jim Fulton mailto:jim@digicool.com Python Powered! Technical Director (888) 344-4332 http://www.python.org Digital Creations http://www.digicool.com http://www.zope.org Under US Code Title 47, Sec.227(b)(1)(C), Sec.227(a)(2)(B) This email address may not be added to any commercial mail list with out my permission. Violation of my privacy with advertising or SPAM will result in a suit for a MINIMUM of $500 damages/incident, $1500 for repeats.