After having started the thread about securing CookieCrumbler[1], I figured
out that it was better to secure Basic Authentication instead. So, I just
created a new Product, called JMSSLBasicAuth[2], which is based on the
CookieCrumbler Transversal Hook. Instead of Cookie Authentication, I will
redirect insecure Basic Authentication requests to ssl.

I have tested it and it seems to work. I'm planning to use it in production
websites, so, I would really appreciate if you could give me some
constructive feedback about the product (See reference [2]), ie: what can I
improve, change, or add?

Thanks in advanced

[1] SSL Redirect for CookieCrumbler

[2] JMSSLBasicAuth - Secure Basic Authentication Redirector
Zope maillist  -  Zope@zope.org
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to