[Zope3-Users] Authentication without cookies
Jim Fulton
jim at zope.com
Mon Apr 14 14:07:54 EDT 2008
All you need to do is to get non-cookie based sessions, and then you
can use the existing session-authentication machinery.
Look at the client id framework in zope.session, http://svn.zope.org/zope.session/trunk/src/zope/session/http.py?view=auto
I assume you "just" need to implement a URL client id manager. (BTW,
I would leverage the namespace machinery, so you'd end up with URLs
with http://foo.com/++session++42/foo/bar.)
I'm sure if you come up with anything, others would be interested. :)
Jim
On Apr 14, 2008, at 12:47 PM, Hermann Himmelbauer wrote:
> Hi,
> I'm developing a Zope3-based application which is used on mobile
> phones. The
> problem here is that cookies don't always work with mobile browsers.
> Therefore it seems, the way to go is to put a session key in the URL.
>
> Therefore I need some authentication system that first tries to set
> a cookie,
> and if it does not work, inserts somehow a key into every URL,
> whereas a
> credentials plugin retrieves this key.
>
> However, I assume I'm not the only one with such a scenario,
> therefore I'd
> like to know if somebody solved this problem already?
>
> If not, is there some suggested scenario how to find out if the
> browser
> supports cookies?
>
> Best Regards,
> Hermann
>
> --
> hermann at qwer.tk
> GPG key ID: 299893C7 (on keyservers)
> FP: 0124 2584 8809 EF2A DBF9 4902 64B4 D16B 2998 93C7
> _______________________________________________
> Zope3-users mailing list
> Zope3-users at zope.org
> http://mail.zope.org/mailman/listinfo/zope3-users
--
Jim Fulton
Zope Corporation
More information about the Zope3-users
mailing list