[Zope] Zope/Plone logon security strategy etc

michael nt milne michael.milne at gmail.com
Wed Feb 15 13:03:36 EST 2006

Hi Dieter

I've installed DigestAuth. Just wondering if there are any set-up
instructions at all?



On 1/26/06, Dieter Maurer <dieter at handshake.de> wrote:
> michael nt milne wrote at 2006-1-25 18:55 +0000:
> >Yeah I know the security aspects are good once you are in, however
> >when you login it's possible for someone to grab your logon name and
> >pass as it goes over the internet, as there's no encryption at all.
> >Then obviously login themselves and compromise your sites.
> You might be interested in my "DigestAuth" product.
> It provides HTTP DigestAuthentication for Zope.
> Of course, HTTP authentication gives you less freedom than
> other forms of authentication (as the browser does the login).
> These other forms can be made safer by the use of "https".
> --
> Dieter

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.zope.org/pipermail/zope/attachments/20060215/0c9dfdae/attachment.htm

More information about the Zope mailing list