CGI Authentication form passthrough question
thomas at xs4all.net
Sun May 21 00:42:26 CEST 2000
On Sat, May 20, 2000 at 10:33:00PM +0000, D'Arcy J.M. Cain wrote:
> Don't use a form for the password. Use the built in login/password facility
> in the Apache (You do use Apache, right?) web server.
Actually, this authentication method isn't Apache-specific, it's part of the
HTTP standard. It's very useful, but not necessarily for all occasions; for
instance, 'forgetting' credentials is cumbersome, though most browsers
'forget' the username/password when the browser restarts, wether you want it
or not. Browsers and webservers are also picky about where you want
authorization, and it's tricky to make a single script sometimes require a
password and sometimes not, unless you start writing the HTTP headers and
decoding the responses yourself.
Thomas Wouters <thomas at xs4all.net>
Hi! I'm a .signature virus! copy me into your .signature file to help me spread!
More information about the Python-list