Josef Meile wrote:
I need to redirect all my http requests to the login_form of the
CookieCrumble to https, so, I wrote this rule in apache:


Why bother? Just because the form is secure doesn't make cookie authentication any more secure.

Do you say in https once authenticated?

cheers,

Chris

--
Simplistix - Content Management, Zope & Python Consulting
           - http://www.simplistix.co.uk

_______________________________________________
Zope maillist  -  Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to