For the present I will just use the default session (t.w.s.Request.getSession()) to store the User data. When I have some time I will take a closer look at the new t.w.guard stuff.
Thanks everyone for all of the help. Shawn Church On Tue, Aug 19, 2008 at 2:28 AM, Manlio Perillo <[EMAIL PROTECTED]>wrote: > Phil Mayers ha scritto: > >> [...] >> >> Something like Digest HTTP auth is the "safe" way to secure an HTTP >> session - you can even (though I've not seen this commonly uses) re-use the >> digest session ID as a server-side key into application session storage. >> >> > I'm doing this in my WSGI framework: > http://hg.mperillo.ath.cx/wsgix/file/tip/wsgix/auth/auth_digest.py > > HTTP Digest Authentication really solves a lot a problems, it's very > unfortunately that it's still poorly implemented in browsers. > > > > Manlio Perillo > > > > _______________________________________________ > Twisted-web mailing list > [email protected] > http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-web >
_______________________________________________ Twisted-web mailing list [email protected] http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-web
