18 Mar
2000
18 Mar
'00
3:15 a.m.
On Fri, 17 Mar 2000, you wrote:
No. You can authenticate yourself with such a client, but you must still have a valid password. You cannot just insert any old user id into the Authentication header and expect Zope to believe you. That wouldn't exactly be very good security. Thanks. I would think then this password is succeptible to the same pitfalls as sending clear text passwords over the network which can be stolen. In which case making users to use https is a good idea ? sam ########################## necessity is the mother of invention ##########################