[Zope] Re: major problems placing authentication on an extranet
site-security flaw?
Dario Lopez-Kästen
dario at ita.chalmers.se
Mon Feb 13 03:30:14 EST 2006
Chris Withers said the following on 2006-02-12 15:27:
>
> Given your earlier paranoia about security
uh, us security nerds^H^H^H^H^H^H
folks-who-have-an-strong-interest-in-security, actually prefer to call
it "eagerness". "Paranoia" has such negative timbre, don't you think? :-)
Nevertheless, it is not simple to implement proper security with
cookie-based logins. I had to make my own hacked version of
SinmpleUserFodler with seesioning on the zeo server to get it secure
enough (it is actually a trade off from what I would have liked to have
in the first place, but it works ok).
Cheers,
/dario
--
-- -------------------------------------------------------------------
Dario Lopez-Kästen, IT Systems & Services Chalmers University of Tech.
Lyrics applied to programming & application design:
"emancipate yourself from mental slavery" - redemption song, b. marley
More information about the Zope
mailing list