michael nt milne wrote:

Yes I think I like the HTML login page way to authenticate. It feels more
usable. And I don't think I'll use an Apache login box at all. Most users
will find it hard remembering one password and with cookie authentication
over SSL you can go straight into the site. Brilliant.

Given your earlier paranoia about security, this a truly bizarre paragraph; you're so worried about basic auth that you didn't want to use it, and yet you're quite happy to have a cookie living on a user's machine long term, and still leave port 8080 exposed?



Simplistix - Content Management, Zope & Python Consulting
           - http://www.simplistix.co.uk
Zope maillist  -  Zope@zope.org
**   No cross posts or HTML encoding!  **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to