[Zope] Modifying Cookie crumbler

Mr SZ sk8in_zombi at yahoo.com.au
Sun Dec 14 03:53:03 EST 2008

Hi All,

I have been using cookie crumbler for my site.From the code, I figured out that it stores a base64 encoded value of the username:pass in the cookie. My doubt is how do I modify this behaviour of CC? CC allows me to override the set and expire the authCookie methods.I don't want my user's credentials store in a cookie encoded using base64.

Also, is it a good idea to store the users password in the session data? The reason being that the users are not stored on zope and their passwords are one time tokens received from an external auth service.I felt that if I store them in zodb, then it becomes difficut to flush them out after every session.


" life isn't heavy enough,it flies away and floats far above action"

      Start your day with Yahoo!7 and win a Sony Bravia TV. Enter now http://au.docs.yahoo.com/homepageset/?p1=other&p2=au&p3=tagline

More information about the Zope mailing list