[Zope-dev] Logout

[mindlace]

Michael Bernstein wrote:
>While I was aware of HTTP basic auth's limitations, and the <dtml-raise
> Unauthorized> fix, this was the first time I'd heard of any proposed
> extensions/replacements. can you point to any projects/proposals in this
> regard?

The method you're looking for is Digest authentication, RFC 2069:

http://andrew2.andrew.cmu.edu/rfc/rfc2069.html

> If support for an improvment could be folded into Apache,
> Zserver, and Mozilla, that might put enough pressure on other companies
> to support it too.

Yes.  As three open source projects, they would be prime candidates for
extending authentication.  Particularly considering that Mozilla is
going to be the "next generation" of zope IDE, it makes perfect sense to
bring it to Mozilla.

It's my understanding that Digest authentication would allow you to use
kerberos for authorizing web clients, just like any other service.  I
could be wrong on that one.

-- 
ethan mindlace fremen        mindlace@imeme.net
zope    -&-     imap email   -&-   mailing list
weave your web with the web at http://imeme.net