[Twisted-web] Session Based Security for PyAmf application

Shawn Church shawn at schurchcomputers.com
Tue Aug 19 16:12:38 EDT 2008

For the present I will just use the default session
(t.w.s.Request.getSession()) to store the User data.  When I have some time
I will take a closer look at the new t.w.guard stuff.

Thanks everyone for all of the help.

Shawn Church

On Tue, Aug 19, 2008 at 2:28 AM, Manlio Perillo <manlio_perillo at libero.it>w=

> Phil Mayers ha scritto:
>> [...]
>> Something like Digest HTTP auth is the "safe" way to secure an HTTP
>> session - you can even (though I've not seen this commonly uses) re-use =
>> digest session ID as a server-side key into application session storage.
> I'm doing this in my WSGI framework:
> http://hg.mperillo.ath.cx/wsgix/file/tip/wsgix/auth/auth_digest.py
> HTTP Digest Authentication really solves a lot a problems, it's very
> unfortunately that it's still poorly implemented in browsers.
> Manlio Perillo
> _______________________________________________
> Twisted-web mailing list
> Twisted-web at twistedmatrix.com
> http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-web
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://twistedmatrix.com/pipermail/twisted-web/attachments/20080819/b7=

More information about the Twisted-web mailing list