Hi all, In light of Aaron Bedra's talk<https://www.youtube.com/watch?v=CBL59w7fXw4&list=PLZdCLR02grLp__wRg5OTavVj4wefg69hM&index=6>at Clojure/West this past March on the (lack of) security in Clojure webapps, I've written a small, easy-to-understand middleware for keeping your authenticated session secure.
Ring-auth aims to implement all the recommendations from OWASP about secure session storage while at the same time not putting undue constraints on how you architect your app. Just place authentication information in an :auth-session key in your ring responses and you're all set. Check it out at: https://github.com/brendanyounger/ring-auth Brendan Younger -- You received this message because you are subscribed to the Google Groups "Clojure" group. To post to this group, send email to [email protected] Note that posts from new members are moderated - please be patient with your first post. To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/clojure?hl=en --- You received this message because you are subscribed to the Google Groups "Clojure" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
