[Zope-dev] z3c.password and "failedAttempts" andSessionCredentialsPlugin
Tres Seaver
tseaver at palladion.com
Sun Jan 24 18:28:56 EST 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Adam GROSZER wrote:
> Thinking this further, resource requests will have a '/@@/' (usually)
> in their URL. So it might be an idea to skip those requests from
> counting.
Seems to me skipping anything except POST requests would be the right
thing to do: suppose the user reloads the login form for some reason
(maybe their browser crashes, whatever).
Tres.
- --
===================================================================
Tres Seaver +1 540-429-0999 tseaver at palladion.com
Palladion Software "Excellence by Design" http://palladion.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAktc17gACgkQ+gerLs4ltQ7YPwCgwJa9CyhDjiFUGdOrRM3Y1mzb
QXMAoLSJ2LfNWSS3CygvXxvzAuIlxVOY
=dJrd
-----END PGP SIGNATURE-----
More information about the Zope-Dev
mailing list