clear text passwords
Avi Bryant
avi at beta4.com
Wed Jul 21 21:06:43 MEST 2004
On Jul 21, 2004, at 7:45 AM, Charles A. Monteiro wrote:
> Talking about security, it would be nice not to have unecrypted
> passwords fly into the wiki. I noticed that Swazoo has apparently
> support for SSL i.e https. Therefore, I was wondering if it is
> feasible to run the wiki under https or to at least login into the
> wiki via https and once the user is authenticated to re-direct to the
> normal wiki. My main concern is just the clear text passwords. Of
> course, the next question is does Seaside have any support for https?
There's no explicit support, but if all you need is an encrypted
connection (rather than checking client-side certs, for example), it's
pretty easy to use stunnel to wrap any HTTP server with HTTPS. See
http://www.stunnel.org/ .
Cheers,
Avi
More information about the SmallWiki
mailing list