Phil Mayers ha scritto:
[...]
Something like Digest HTTP auth is the "safe" way to secure an HTTP
session - you can even (though I've not seen this commonly uses) re-use
the digest session ID as a server-side key into application session
storage.
I'm doing this in my WSGI framework:
http://hg.mperillo.ath.cx/wsgix/file/tip/wsgix/auth/auth_digest.py
HTTP Digest Authentication really solves a lot a problems, it's very
unfortunately that it's still poorly implemented in browsers.
Manlio Perillo
_______________________________________________
Twisted-web mailing list
[email protected]
http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-web
