[Zope-dev] z3c.password and "failedAttempts" andSessionCredentialsPlugin

Adam GROSZER agroszer at gmail.com
Fri Jan 29 15:21:31 EST 2010


Hello Jan-Wijbrand,

We're using it too...
Go for 0.8.0.

Friday, January 29, 2010, 7:08:42 PM, you wrote:

JWK> Hi Adam,

JWK> Tres Seaver <tseaver at palladion.com> wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Adam GROSZER wrote:
>> 
>>> Thinking this further, resource requests will have a '/@@/' (usually)
>>> in their URL. So it might be an idea to skip those requests from
>>> counting.
>> 
>> Seems to me skipping anything except POST requests would be the right
>> thing to do:  suppose the user reloads the login form for some reason
>> (maybe their browser crashes, whatever).

JWK> I see you're working on this issue. That's fantastic. If you need a 
JWK> tester... by all means let me know :-)

JWK> regards,
JWK> jw


JWK> _______________________________________________
JWK> Zope-Dev maillist  -  Zope-Dev at zope.org
JWK> https://mail.zope.org/mailman/listinfo/zope-dev
JWK> **  No cross posts or HTML encoding!  **
JWK> (Related lists - 
JWK>  https://mail.zope.org/mailman/listinfo/zope-announce
JWK>  https://mail.zope.org/mailman/listinfo/zope )

-- 
Best regards,
 Adam GROSZER                            mailto:agroszer at gmail.com
--
Quote of the day:
The attacker must vanquish; the defender need only survive.



More information about the Zope-Dev mailing list