I'm considering using cert-based logins for privileged users, and staying with basic login for less privileged users (the privilege itself is managed by using auth_groups).
In the book, at <URL:http://web2py.com/books/default/chapter/29/09/access-control#Other-login-methods-and-login-forms> the sub-paragraph for X509 concludes with "This works out of the box with Rocket (the web2py built-in web server) but you may need some extra configuration work on the web server side if you are using a different web server. In particular you need to tell your web server where the certificates are located on local host and that it needs to verify certificates coming from the clients. How to do it is web server dependent and therefore omitted here." This blog entry seems to describe what I need, which is for nginx; so do I have the omitted how-to covered? <URL :https://arcweb.co/securing-websites-nginx-and-client-side-certificate-authentication-linux/> In my case, the less privileged users will usually be using a libcurl call to transfer error information to my server, and only occasionally using a web page via browser to do the same task. Privileged users will mostly be using browsers, and only occasionally going through the call/api method. The book goes on to talk about multiple login forms. I'm a little unclear about how "signals are set in the request", and what would be the appropriate signal for a cert. Thanks. Dave S /dps -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
