[Twisted-web] Session Based Security for PyAmf application

Manlio Perillo manlio_perillo at libero.it
Tue Aug 19 05:28:33 EDT 2008

Phil Mayers ha scritto:
> [...]
> Something like Digest HTTP auth is the "safe" way to secure an HTTP 
> session - you can even (though I've not seen this commonly uses) re-use 
> the digest session ID as a server-side key into application session 
> storage.

I'm doing this in my WSGI framework:

HTTP Digest Authentication really solves a lot a problems, it's very 
unfortunately that it's still poorly implemented in browsers.

Manlio Perillo

More information about the Twisted-web mailing list