I noticed the username/password is visible in the php
session file. Is it perhaps a good idea to have
Kerberos support? Using kerberos you only need to store
the ticket name in the session file, no passwords would
be revealed. Please let me know if this is a good idea,
I am willing to write the code for it.
Log in to post a comment.