michael nt milne wrote:
Also, just to say that I did a test on only letting authenticated and
managers view the root page of the site over ssl.


If you just cancelled the
login box or closed it, the whole front page was displayed without any css
but you could still get all the content.

Well, then you didn't set permissions correctly...

I've had this quite a bit before so
that's why I'm looking into Apache authentication. I just don't think that
Zope authentication is secure.

You just don't think, or research, which is more your problem...



Simplistix - Content Management, Zope & Python Consulting
           - http://www.simplistix.co.uk

Zope maillist  -  Zope@zope.org
**   No cross posts or HTML encoding!  **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to