[Twisted-web] Session Based Security for PyAmf application
shawn at schurchcomputers.com
Tue Aug 19 16:12:38 EDT 2008
For the present I will just use the default session
(t.w.s.Request.getSession()) to store the User data. When I have some time
I will take a closer look at the new t.w.guard stuff.
Thanks everyone for all of the help.
On Tue, Aug 19, 2008 at 2:28 AM, Manlio Perillo <manlio_perillo at libero.it>w=
> Phil Mayers ha scritto:
>> Something like Digest HTTP auth is the "safe" way to secure an HTTP
>> session - you can even (though I've not seen this commonly uses) re-use =
>> digest session ID as a server-side key into application session storage.
> I'm doing this in my WSGI framework:
> HTTP Digest Authentication really solves a lot a problems, it's very
> unfortunately that it's still poorly implemented in browsers.
> Manlio Perillo
> Twisted-web mailing list
> Twisted-web at twistedmatrix.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Twisted-web