Chris Withers schrieb:
what way? http basic auth is a standard. cookie auth isn't, and it's always insecure no matter how you implement it

they are both equally insecure - while you can make the cookie
(as session auth) a little more secure - but after all its worth
nothing as long as you dont transfer the credentials initially
encrypted :-)


Zope maillist  -
**   No cross posts or HTML encoding!  **
(Related lists - )

Reply via email to