Am Freitag, den 06.05.2005, 19:26 +0100 schrieb mark hellewell:
> On 5/6/05, Dieter Maurer <[EMAIL PROTECTED]> wrote:
> > WebDAV uses "basic HTTP authentication" which should use whatever
> > UserFolder you have installed.
> Thanks.. So, I think I should be able to modify the authentication plugin
> of PUF so that each time a user makes a bad login attempt (either via
> WebDAV or the login form) it increments the "bad login" counter?
> Sounds like a plan, anyway :)

Actually, it does not. You have no such thing like a session
when all you have is webdav. I dont know if many dav-clients
store cookies too - it may depend on your usecase.
Without cookies you dont know if a request is the first,
second or third time. And just counting per user would
make an excellent way to DoS.


Zope maillist  -
**   No cross posts or HTML encoding!  **
(Related lists - )

Reply via email to