Thank you Leonel and Jonathan, But, thees lines require that I run a https server. Can we configure Rocket server for https or should I deploy something like Apache?
Thanks for the help, PT On Tuesday, December 17, 2013 4:11:57 PM UTC-6, Leonel Câmara wrote: > > Of course they are. Use HTTPS if you don't want that to happen. > > request.requires_https() > > and > > session.secure() > > Are your friends. > > Terça-feira, 17 de Dezembro de 2013 22:08:34 UTC, P T escreveu: >> >> I deployed a small app on the intranet and noticed that the username and >> password are transmitted in plain text (using a tool WireShark, >> http://www.wireshark.org/). >> >> Here is my setup: >> 2.8.2-stable+timestamp.2013.11.28.13.54.07 >> (Running on Rocket 1.2.6, Python 2.7.6) >> Database: Postgresql >> >> So, I checked the model and noticed that my auth did not include >> hmac_key. So, I changed that to >> >> auth = Auth(db, hmac_key=Auth.get_or_create_key()) >> >> But, this did not help either. >> >> What should I do to make sure that user's passwords are transmitted as >> encrypted? >> >> Thanks, >> PT >> > -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
