Wed, 10 May 2000 15:43:15 +0200
On Wed, May 10, 2000 at 09:33:32AM -0400, firstname.lastname@example.org wrote:
> TW> Also, basic auth behaves differently from Cookies: they are
> TW> hostname+path-based instead of just hostname-based, and they
> TW> expire when the browser closes or another '401 auth required'
> TW> occurs.
> Jitterbug uses this and it sucks. If I have 3 different Jitterbug
> projects on the same host, every time I authenticate to one, I lose
> the authentication to the other. This loss is persistent across
Oh, I agree completely. Our IMP-based webmail servers still use the http
auth method, though the newer IMPs changed to cookie-based auth. A huge
improvement, for sure ;)
> I've been playing with SourceForge a lot lately and I like what
> they do. You login with username/password over a secure link and once
> logged in, your primary interaction is across that link. Seems
> intuitive, secure, and convenient. This is the direction I think I'd
> like to go in.
Hm, I'm not sure how this would work. You log in once through SSL and your
ipaddress gets stored in a temporary access list ? Or does it use some kind
of persistant connection ? SSH + port forwarding ?
Thomas Wouters <email@example.com>
Hi! I'm a .signature virus! copy me into your .signature file to help me spread!