[Seaside] RE: Authentication task and https

Bill Schwab BSchwab at anest.ufl.edu
Tue Oct 21 21:17:48 UTC 2008


It will probably solve my problem.  I do in fact want to enforce a
global setting (sending clear text is BAAAAADDDD for most of what I do),
so I am expecting to make everything secured and needing authentication,
at least for a while.  Later on, having a way to reliably mix them will
be greatly appreciated.

For now, my problem is perhaps simply that the authentication task is
not registered, and as such did not get a protocol set.  That much more
or less makes sense to me (intuitively at least - I am still struggling
to grok Seaside's entrails).  What I do not understand is why the
initial authentication challenge arrives via https (which is what I
want).  Since I did nothing other than set https for the application, I
would naively expect the same juju that encrypted the first
authentication to encrypt the subsequent ones.

For my education, can you explain what might be happening?  Either way,
setting the protocol "too often" is probably fine for my purposes.



Ramon Leon
See http://code.google.com/p/seaside/issues/detail?id=97

I think that's what you're looking for.

Ramon Leon

Wilhelm K. Schwab, Ph.D.
University of Florida
Department of Anesthesiology
PO Box 100254
Gainesville, FL 32610-0254

Email: bschwab at anest.ufl.edu
Tel: (352) 273-6785
FAX: (352) 392-7029

More information about the seaside mailing list