[Zope] sending a encrypted login URL
Joseph Thomas (s)
jthomas at cap.org
Thu Mar 5 15:01:46 EST 2009
Thanks, could you elaborate a bit, I'm somewhat new zope/plone:
I assume we'd need a shared key on both on ore j2ee server and zope, and
did you need to create any changes to Plone PAS?
-----Original Message-----
From: Dieter Maurer [mailto:dieter at handshake.de]
Sent: Thursday, March 05, 2009 1:55 PM
To: Joseph Thomas (s)
Cc: zope at zope.org
Subject: Re: [Zope] sending a encrypted login URL
Joseph Thomas (s) wrote at 2009-3-4 10:29 -0600:
>We'd like to construct a zope login URL of the form on another server:
>http://zope.domain:port/context/logged_in?__ac_name=uzzzzzz&__ac_passwo
r
>d=xxxxxxx&submit=Log+in
>where the ac_name and ac_password parameters are encrypted using zope
>public key (?) and have the parameters decrypted when zope receives the
>request and login the user.
>Is there an API or some way to encrypt the username and password on the
>3rd party app server and configure zope so that it treats the
parameters
>as encrypted values rather than plaintext?
We are doing this using the Python package "M2Crypto.EVP"
for the encryption/decryption.
--
Dieter
Consider our environment; please print this e-mail only if truly
necessary. Thank you!
More information about the Zope
mailing list