Steve Holden <[EMAIL PROTECTED]> writes:
> Underlining your point, the difference between the two is that digest
> offers *strong* authentication (i.e. is not subject to replay attacks)
As I mentioned in another post, that's really not enough, since digest
still exposes the password hash to offlin
Peter Hansen wrote:
> BartlebyScrivener wrote:
>
>>>but googling for "basic authentication" and
>>>maybe "realm" and/or "host" will find you other sites with less
>>>technically detailed material.
>>
>>This looks promising, but it'll take me a week to understand it :)
>>
>>http://www.voidspace.org
Mike Meyer <[EMAIL PROTECTED]> writes:
> Only if the userid and password are part of the content. If you're
> doing the usual form-based authentication, then they are. If you're
> doing an HTTP-based authentication, then they aren't - the
> authentication information is in the headers, and can be p
Peter Hansen <[EMAIL PROTECTED]> writes:
> Mike Meyer wrote:
>> Peter Hansen <[EMAIL PROTECTED]> writes:
>>>By the way, note that neither basic auth nor digest auth provide any
>>>real security, and in fact with basic auth the userid and password are
>>>sent *in cleartext*. For any serious product
Peter Hansen <[EMAIL PROTECTED]> writes:
> My information about digest was either obsolete or simply wrong, as I
> didn't realize it had all the nonce and anti-replay support it appears
> to have. (I may have been remembering articles about how much of that
> wasn't supported widely at some time i
Mike Meyer wrote:
> Peter Hansen <[EMAIL PROTECTED]> writes:
>>By the way, note that neither basic auth nor digest auth provide any
>>real security, and in fact with basic auth the userid and password are
>>sent *in cleartext*. For any serious production site these techniques
>>should probably not
Peter Hansen <[EMAIL PROTECTED]> writes:
> By the way, note that neither basic auth nor digest auth provide any
> real security, and in fact with basic auth the userid and password are
> sent *in cleartext*. For any serious production site these techniques
> should probably not be used without add
Thanks, Peter.
Peter Hansen wrote:
> BartlebyScrivener wrote:
> >>but googling for "basic authentication" and
> >>maybe "realm" and/or "host" will find you other sites with less
> >>technically detailed material.
> >
> > This looks promising, but it'll take me a week to understand it :)
> >
> > ht
BartlebyScrivener wrote:
>>but googling for "basic authentication" and
>>maybe "realm" and/or "host" will find you other sites with less
>>technically detailed material.
>
> This looks promising, but it'll take me a week to understand it :)
>
> http://www.voidspace.org.uk/python/articles/authenti
> but googling for "basic authentication" and
> maybe "realm" and/or "host" will find you other sites with less
> technically detailed material.
This looks promising, but it'll take me a week to understand it :)
http://www.voidspace.org.uk/python/articles/authentication.shtm
Thanks for your help
BartlebyScrivener wrote:
> New to Python and Programming. Trying to make scripts that will open
> sites and automatically log me on.
[snip]
> Does anyone have a simple example of a script that opens, say, gmail or
> some other commonly accessed site that requires a username and password
> so that I
"BartlebyScrivener" <[EMAIL PROTECTED]> writes:
> New to Python and Programming. Trying to make scripts that will open
> sites and automatically log me on.
A common enough things to want to do.
> The following example is from the urllib2 module.
>
> What are "realm" and "host" in this example.
H
BartlebyScrivener wrote:
> New to Python and Programming. Trying to make scripts that will open
> sites and automatically log me on.
>
> The following example is from the urllib2 module.
>
> What are "realm" and "host" in this example.
http://www.ietf.org/rfc/rfc2617.txt probably provides more b
13 matches
Mail list logo
