Marc Schnapp wrote:
Google Mini can do http basic auth, right? If so, you're fine, just put in the basic auth details and define a user in acl_users. Provided the mini presents the credentials without first being challenged by a 401, you'll be fine...
Marc responds: 1) The Google Mini does not accept cookies.
Did I ask if it accepted cookie? No, I asked if it accepts http basic auth. Care to answer my question? ;-)
2) Plone barfs if you try tricks like adding a query string to URLs.
Plohn barfs a lot, probably best not use it ;-)
I don't have to worry about headers being spoofed. The host lives in our dedicated data center behind a VPN concentrator requiring RSA authentication. No one gets to the box unless we already have cleared them through two-phase authentication.
Yah, sure... I'd still worry about headers being spoofed *grinz* cheers, Chris PS: If you want to pay me to solve this, contact me off list... -- Simplistix - Content Management, Zope & Python Consulting - http://www.simplistix.co.uk