I've used the cfa_user and cfa_password cookies in two large Spectra sites
(30,000+ users) and the Spectra 1.0.1 cfa_secure worked extremely well for
us. The Spectra 1.5 cfa_secure documentation show the cfa_user cookie being
used. Do I have revise my security procedures for Spectra 1.5?
Best Regards, Simon
Simon Jones
Core Technologist
Circle.com
[EMAIL PROTECTED]
http://circle.com
icq 74284360
PGP key http://pgpkeys.mit.edu:11371/pks/lookup?op=get&search=0xD9E255A7
PGP key
http://keyserver.pgp.com:11371/pks/lookup?op=get&exact=off&search=0xD9E255A7
------------------------------
Date: Tue, 15 May 2001 09:19:08 -0400
From: "Raymond Camden" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: RE: Cfa_secure and cfa_user cookie: broken?
Message-ID: <[EMAIL PROTECTED]>
>From what I can see, the only cookie used is CFAUTH, which is used by
Siteminder internally to 'remember' you. This may be a bit off, but I
haven't had enough coffee yet. You can check for CFAUTH as a way of saying,
'has this used logged in yet?'
=======================================================================
Raymond Camden, Principal Spectra Compliance Engineer for Macromedia
Email : [EMAIL PROTECTED]
ICQ UIN : 3679482
"My ally is the Force, and a powerful ally it is." - Yoda
------------------------------------------------------------------------------
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/spectra_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
