michael nt milne wrote:
Yes, I do realise that it's hard. Regarding the cookie comment that
was the reason I wanted to use Apache <location> based login.
Huh? I'm sure some people would love to know how those two things relate
in your head...
I do
realise that leaving a logon cookie is insecure and that comment was
perhaps misguided. I started to think about usability etc.
If you're lucky, you might get a system that's both insecure _and_
unusable ;-)
I'm going to block 8080 at the router/firewall level as Zope obviously
needs to keep serving through 8080 to Apache.
using iptables in the box is probably a better idea...
As for the issue with IE6 and editing pages over SSL it all works fine
in Firefox 1.5, so it's a browser issue which I just can't quite
fathom just now.
I doubt it, my guess would still be that you're doing something wrong
somewhere...
Chris
--
Simplistix - Content Management, Zope & Python Consulting
- http://www.simplistix.co.uk
_______________________________________________
Zope maillist - Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )