Menu
▾
▴
Re: [Exist-development] The authentication service
|
From: Dannes W. <di...@ex...> - 2010-01-08 15:45:15
|
Heho,. passwords in an URL is a bad design... should probably be done via POST (urlencoded or multipart) for bia Basic Authentication (or like technology_ ? what are the immediate implication of this change? what will not work anymore? regards Dannes On Fri, Jan 8, 2010 at 4:07 PM, Dmitriy Shabanov <sha...@gm...>wrote: > Hello, > > I want to replace (this sunday) jetty's authentication service by > eXist's one. > > It will handle authentication by > $url/j_security_check?eXist_username=.&eXist_password=. & redirect back > to $url with user as eXist_username if authenticated successfully or > "guest" if failed. > > Later, OpenID add-on will handle $url/j_security_check?eXist_openID=. or > $url/j_security_check?eXist_openIDprovider=. > > After that, custom login-form url. > > Any objections? > > -- > Cheers, > > Dmitriy Shabanov > > > > ------------------------------------------------------------------------------ > This SF.Net email is sponsored by the Verizon Developer Community > Take advantage of Verizon's best-in-class app development support > A streamlined, 14 day to market process makes app distribution fast and > easy > Join now and get one step closer to millions of Verizon customers > http://p.sf.net/sfu/verizon-dev2dev > _______________________________________________ > Exist-development mailing list > Exi...@li... > https://lists.sourceforge.net/lists/listinfo/exist-development > -- eXist-db Native XML Database - http://exist-db.org Join us on linked-in: http://www.linkedin.com/groups?gid=35624 |
