michael nt milne wrote:
Yes, I do realise that it's hard. Regarding the cookie comment that
was the reason I wanted to use Apache <location> based login.

Huh? I'm sure some people would love to know how those two things relate in your head...

I do
realise that leaving a logon cookie is insecure and that comment was
perhaps misguided. I started to think about usability etc.

If you're lucky, you might get a system that's both insecure _and_ unusable ;-)

I'm going to block 8080 at the router/firewall level as Zope obviously
needs to keep serving through 8080 to Apache.

using iptables in the box is probably a better idea...

As for the issue with IE6 and editing pages over SSL it all works fine
in Firefox 1.5, so it's a browser issue which I just can't quite
fathom just now.

I doubt it, my guess would still be that you're doing something wrong somewhere...


Simplistix - Content Management, Zope & Python Consulting
           - http://www.simplistix.co.uk

Zope maillist  -  Zope@zope.org
**   No cross posts or HTML encoding!  **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to