AW: [Zope] Security doubt

Germer, Carsten
Tue, 10 Jun 2003 11:00:23 +0200

> > How could I avoid sending a cleartext password through the 
> net when I use a
> > http://....../manage? How and where should I configure 
> what? I hope it'd be
> > possible...

You would need to set up an Apache-Zope configuration and by using "Cookie
Crumbler" and "SSLAbsoluteURL" you can actually force login over SSL.

I've done a short documentation about my setup that's unfortunately in
german. If you got someone at hand who can translate it it may help

Otherwise, just dive into Apache and Zope with CokkieCrumbler and
SSLAbsoluteURL, did the trick for me :)