Standalone CookieCrumbler is not generating http-only cookies. With PAS you can handle stuff like password strength and renewal strategies or account locking in a pluggable way. Read docs on pypi and http://plone.org/documentation/kb/securing-plone
--- Ursprüngl. Mitteilung --- Von:Richard Harley Gesend.: 02.02.2012, 23:57 An: Shane Hathaway Cc: zope@zope.org Betreff:Re: [Zope] CookieCrumbler, any new versions or replacement?
What is the main advantage of PAS over cookie crumbler over SSL out of interest? Cheers Rich
On 2 Feb 2012, at 21:57, Shane Hathaway shane@hathawaymix.org wrote:
On 02/02/2012 10:46 AM, Hugo Ramos wrote:
I need to reuse a web application I developed around 2005/2006. This App was using CookieCrumbler as it's only authentication method but it seems that after zope 2.11.x the product is broken as it has a few imports from deprecated classes.
Anyone knows about CookieCrumbler versions above 1.2 or some other replacement for this product?
Zope's pluggable authentication service replaces it.
Shane _______________________________________________ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev )
_______________________________________________ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev )