Hi, After having started the thread about securing CookieCrumbler[1], I figured out that it was better to secure Basic Authentication instead. So, I just created a new Product, called JMSSLBasicAuth[2], which is based on the CookieCrumbler Transversal Hook. Instead of Cookie Authentication, I will redirect insecure Basic Authentication requests to ssl.
I have tested it and it seems to work. I'm planning to use it in production websites, so, I would really appreciate if you could give me some constructive feedback about the product (See reference [2]), ie: what can I improve, change, or add? Thanks in advanced Josef [1] SSL Redirect for CookieCrumbler http://mail.zope.org/pipermail/zope/2006-June/166784.html [2] JMSSLBasicAuth - Secure Basic Authentication Redirector http://www.zope.org/Members/jmeile/JMSSLBasicAuth _______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )