Hi All,

I have been using cookie crumbler for my site.From the code, I figured out that 
it stores a base64 encoded value of the username:pass in the cookie. My doubt 
is how do I modify this behaviour of CC? CC allows me to override the set and 
expire the authCookie methods.I don't want my user's credentials store in a 
cookie encoded using base64.

Also, is it a good idea to store the users password in the session data? The 
reason being that the users are not stored on zope and their passwords are one 
time tokens received from an external auth service.I felt that if I store them 
in zodb, then it becomes difficut to flush them out after every session.


" life isn't heavy enough,it flies away and floats far above action"

      Start your day with Yahoo!7 and win a Sony Bravia TV. Enter now 
Zope maillist  -  Zope@zope.org
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to