On 2/7/06, michael nt milne <[EMAIL PROTECTED]> wrote: > Also Zope doesn't do SSL well and all password - login is > basically insecure!
If you mean that logins without SSL are basically insecure, ok. But given your other posts, if you mean that Zope authentication is somehow inherently insecure (other than non-SSL traffic being in the clear), please consider that the problems you experienced with it don't lead to that conclusion. I run secured Zope sites on Classified networks, and wouldn't be able to if Zope security was as broken as you make it out to be. If you need Apache auth and then need Plone auth, and you have a question about configuring Apache auth, then it's appropriate to ask an Apache list. The Apache httpd docs are also very good.
_______________________________________________ Zope maillist - [email protected] http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
