[mod_python] Session.py and "secret" parameter. Is it secure?

Jon-Pierre Gentil jgentil at sebistar.net
Fri Aug 13 02:13:32 EDT 2004



Brian Bird wrote:
> I'm implementing a session-based login system using mod_python. I decided to
> use SignedCookie because the cookie will contain the login name of the
> authenticated user and I therefore need to ensure the cookie has not been
> tampered with on the client (If there's a better way to do this kind of
> thing could someone point me in the right direction?).

I don't know a solution to your problem, but the only thing I use the
cookie for is to hold the session ID.  Everything else is in the
session, including their login username.
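
The two designs discussed in this thread, side by side, as an added example that is not part of the original messages and does not use mod_python's own SignedCookie or Session code. It uses only the Python standard library; SECRET, SESSION_TTL, the in-memory dictionary and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

SECRET = secrets.token_bytes(32)  # assumed server-side signing key, never sent to the client
SESSION_TTL = 1800                # assumed session lifetime in seconds
_sessions = {}                    # session ID -> record; in-memory stand-in for a real store


def sign_cookie(value: str) -> str:
    """Design 1: the data travels in the cookie, protected by an HMAC tag."""
    tag = hmac.new(SECRET, value.encode(), hashlib.sha256).hexdigest()
    return f"{tag}:{value}"


def verify_cookie(cookie: str):
    """Return the value if its tag verifies, otherwise None."""
    tag, sep, value = cookie.partition(":")
    if not sep:
        return None
    expected = hmac.new(SECRET, value.encode(), hashlib.sha256).hexdigest()
    # Constant-time comparison: do not leak how much of the tag matched.
    ok = hmac.compare_digest(tag.encode(), expected.encode())
    return value if ok else None


def create_session(user: str, now=None) -> str:
    """Design 2: the cookie holds only an unguessable ID; the login name stays server-side."""
    now = time.time() if now is None else now
    sid = secrets.token_urlsafe(32)
    _sessions[sid] = {"user": user, "expires": now + SESSION_TTL}
    return sid


def lookup_session(sid: str, now=None):
    """Return the login name for a live session ID, or None if unknown or expired."""
    now = time.time() if now is None else now
    entry = _sessions.get(sid)
    if entry is None:
        return None
    if now >= entry["expires"]:
        del _sessions[sid]  # expired sessions are dropped on access
        return None
    return entry["user"]
```

With the second design a client that edits its cookie only changes which session ID is looked up, so the stored login name cannot be altered from the client side.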

