Am Freitag, den 06.05.2005, 19:26 +0100 schrieb mark hellewell: > On 5/6/05, Dieter Maurer <[EMAIL PROTECTED]> wrote: > > > WebDAV uses "basic HTTP authentication" which should use whatever > > UserFolder you have installed. > > Thanks.. So, I think I should be able to modify the authentication plugin > of PUF so that each time a user makes a bad login attempt (either via > WebDAV or the login form) it increments the "bad login" counter? > > Sounds like a plan, anyway :)
Actually, it does not. You have no such thing like a session when all you have is webdav. I dont know if many dav-clients store cookies too - it may depend on your usecase. Without cookies you dont know if a request is the first, second or third time. And just counting per user would make an excellent way to DoS. Regards Tino _______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
