[Zope] Is it possible to extend Zopes WebDAV authentication?
mark hellewell
mark.hellewell at gmail.com
Sat May 7 15:24:38 EDT 2005
On 5/7/05, Tino Wildenhain <tino at wildenhain.de> wrote:
> Well, in theory its possible if the client accepts cookie to just
> store the amount of wrong attempts via cookie (or id - which would
> be the same) and deny any password, be it even the correct one
> when it comes via basic auth.
Store the incorrect login count client-side in a cookie?! No way! :)
> But I strongly believe this does not save from abuse because
> its just too easy to remove the cookie or just not accept
> it in the first place. So I'd say its not worth the work.
Yes, I think it would be a bad idea.
mark
More information about the Zope
mailing list