[Zope-dev] z3c.password and "failedAttempts" andSessionCredentialsPlugin

Jan-Wijbrand Kolman janwijbrand at gmail.com
Fri Jan 29 13:08:42 EST 2010


Hi Adam,

Tres Seaver <tseaver at palladion.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Adam GROSZER wrote:
> 
>> Thinking this further, resource requests will have a '/@@/' (usually)
>> in their URL. So it might be an idea to skip those requests from
>> counting.
> 
> Seems to me skipping anything except POST requests would be the right
> thing to do:  suppose the user reloads the login form for some reason
> (maybe their browser crashes, whatever).

I see you're working on this issue. That's fantastic. If you need a 
tester... by all means let me know :-)

regards,
jw




More information about the Zope-Dev mailing list