CGI Authentication form passthrough question

Thomas Wouters thomas at xs4all.net
Sun May 21 00:42:26 CEST 2000


On Sat, May 20, 2000 at 10:33:00PM +0000, D'Arcy J.M. Cain wrote:

> Don't use a form for the password.  Use the built in login/password facility
> in the Apache (You do use Apache, right?) web server.

Actually, this authentication method isn't Apache-specific, it's part of the
HTTP standard. It's very useful, but not necessarily for all occasions; for
instance, 'forgetting' credentials is cumbersome, though most browsers
'forget' the username/password when the browser restarts, wether you want it
or not. Browsers and webservers are also picky about where you want
authorization, and it's tricky to make a single script sometimes require a
password and sometimes not, unless you start writing the HTTP headers and
decoding the responses yourself.

Nothing's-perfect-ly y'rs,
-- 
Thomas Wouters <thomas at xs4all.net>

Hi! I'm a .signature virus! copy me into your .signature file to help me spread!




More information about the Python-list mailing list