-----BEGIN PGP SIGNED MESSAGE-----
Malthe Borch wrote:
> 2009/5/12 Paul Johnston <p...@pajhome.org.uk>:
>> I am going to have a go at adding a new authentication method to
>> repoze.who. It's like the standard forms authentication, but uses
> Excellent; there's been talking on this list previously about such a
>> I know many people are using my scripts, so I think this would be a
>> good feature for repoze.who. I've not used repoze.who so far, so lets
>> see how I get on. If anyone would like to lend a hand, just let me
> Is it correct to assume that if both the form where users originally
> provide their desired password and the login form both use your
> script, then nothing needs to be done on the server-side?
I think the server has to be configured to store the passwords generated
from the JS hash library "in the clear", and to use the "clear_check"
checker (re-hashing is not useful).
Tres Seaver +1 540-429-0999 tsea...@palladion.com
Palladion Software "Excellence by Design" http://palladion.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
Repoze-dev mailing list