[Zope] Security question
Chris McDonough
chrism@digicool.com
Fri, 17 Mar 2000 17:51:01 -0500
Daniel,
THis is a limitation of HTTP basic authentication and is not a
Zope-specific problem.
Either quit the browser before you leave or write a short dtml method:
<dtml-raise Unauthorized>
Logout
</dtml-raise>
and call it before you leave. Note that you need to call it, then click
"OK", or you will still be logged in.
-----Original Message-----
From: Daniel.Weber@SEMATECH.Org [mailto:Daniel.Weber@SEMATECH.Org]
Sent: Friday, March 17, 2000 5:27 PM
To: zope@zope.org
Subject: [Zope] Security question
As far as authorization goes, I've noticed that I get prompted for a
user-name/password only once during a session. After you've been
validated, it
appears zope does not prompt you again for that browser session.
The reason I'm concerned is that if I have to do maintenance on someone
else's
web browser, how do I ensure that after I leave a person cannot use the
back
button or history list to gain manager access to the site? Do I have to
exit
the browser when I'm done?
_______________________________________________
Zope maillist - Zope@zope.org
http://lists.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope-dev )