[Seaside] RE: Authentication task and https
BSchwab at anest.ufl.edu
Tue Oct 21 21:17:48 UTC 2008
It will probably solve my problem. I do in fact want to enforce a
global setting (sending clear text is BAAAAADDDD for most of what I do),
so I am expecting to make everything secured and needing authentication,
at least for a while. Later on, having a way to reliably mix them will
be greatly appreciated.
For now, my problem is perhaps simply that the authentication task is
not registered, and as such did not get a protocol set. That much more
or less makes sense to me (intuitively at least - I am still struggling
to grok Seaside's entrails). What I do not understand is why the
initial authentication challenge arrives via https (which is what I
want). Since I did nothing other than set https for the application, I
would naively expect the same juju that encrypted the first
authentication to encrypt the subsequent ones.
For my education, can you explain what might be happening? Either way,
setting the protocol "too often" is probably fine for my purposes.
I think that's what you're looking for.
Wilhelm K. Schwab, Ph.D.
University of Florida
Department of Anesthesiology
PO Box 100254
Gainesville, FL 32610-0254
Email: bschwab at anest.ufl.edu
Tel: (352) 273-6785
FAX: (352) 392-7029
More information about the seaside