From: Ian Bicking <ianb@co...> - 2001-11-21 06:13:02
It's a little rough, but I made a SecureXMLRPCServlet class that deals
with authentication, as well as using hashing to secure the password in
transmition -- which is most of security I'd care about, since I don't
deal in much that would warrant much more. Except those damn credit
But, anyway, I was saying: it *should* be fairly secure in the
transmition of a password, but if anyone wants to give it a look with
regards to that, I'm curious what I might have missed. It lacks support
for situations where passwords on the server side are stored in a hashed
The companion client module (securexmlrpc) looks pretty much like
xmlrpclib, except Server can take an extra username/password argument to
its __init__ -- but it should also be backward compatible.
I have tested it only very, very lightly. But I am going out of town
tomorrow, so I thought I'd put it out there.
Ian Bicking Colorstudy Web Design
4769 N Talman Ave, Chicago, IL 60625 / (773) 275-7241
Get latest updates about Open Source Projects, Conferences and News.