[Zope] Zope/Plone logon security strategy etc

michael nt milne michael.milne at gmail.com
Wed Feb 15 13:03:36 EST 2006


Hi Dieter

I've installed DigestAuth. Just wondering if there are any set-up
instructions at all?

Thanks

Michael

On 1/26/06, Dieter Maurer <dieter at handshake.de> wrote:
>
> michael nt milne wrote at 2006-1-25 18:55 +0000:
> >Yeah I know the security aspects are good once you are in, however
> >when you login it's possible for someone to grab your logon name and
> >pass as it goes over the internet, as there's no encryption at all.
> >Then obviously login themselves and compromise your sites.
>
> You might be interested in my "DigestAuth" product.
> It provides HTTP DigestAuthentication for Zope.
>
> Of course, HTTP authentication gives you less freedom than
> other forms of authentication (as the browser does the login).
> These other forms can be made safer by the use of "https".
>
>
>
> --
> Dieter
>



--
Michael
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.zope.org/pipermail/zope/attachments/20060215/0c9dfdae/attachment.htm


More information about the Zope mailing list