21 Jul
2004
21 Jul
'04
4:45 p.m.
Talking about security, it would be nice not to have unecrypted passwords
fly into the wiki. I noticed that Swazoo has apparently support for SSL
i.e https. Therefore, I was wondering if it is feasible to run the wiki
under https or to at least login into the wiki via https and once the user
is authenticated to re-direct to the normal wiki. My main concern is just
the clear text passwords. Of course, the next question is does Seaside
have any support for https?
thanks
Charles
--
Using Opera's revolutionary e-mail client: http://www.opera.com/m2/
21 Jul
21 Jul
9:06 p.m.
On Jul 21, 2004, at 7:45 AM, Charles A. Monteiro wrote:
Talking about security, it would be nice not to have
unecrypted
passwords fly into the wiki. I noticed that Swazoo has apparently
support for SSL i.e https. Therefore, I was wondering if it is
feasible to run the wiki under https or to at least login into the
wiki via https and once the user is authenticated to re-direct to the
normal wiki. My main concern is just the clear text passwords. Of
course, the next question is does Seaside have any support for https?
There's no explicit support, but if all you need is an encrypted
connection (rather than checking client-side certs, for example), it's
pretty easy to use stunnel to wrap any HTTP server with HTTPS. See
http://www.stunnel.org/ .
Cheers,
Avi
7467
days inactive
7467
days old
1 comments
2 participants
participants (2)
-
Avi Bryant -
Charles A. Monteiro