httpslogin

This Product enables secure login by replacing Plone's standard cookie based authentication with a session based authentication.

Current release

No stable release available yet.

Project Description

This Product enables secure login by replacing Plone's standard cookie based authentication with a session based authentication. This is the implementation of the Secure login without plain text passwords. What does this is an implementation mean? Apart from changing the maximum-number-of-session-objects setting in your zope.conf, and setting up HTTPS at least for /login_form in Apache, nothing has to be done. Please refer to the HOWTO for details on how to modify the session setting in zope.conf.

Per default, I will not redirect to HTTPS on login when I'm being accessed as localhost.

Dependencies

Plone 2.5 or higher and Zope 2.9 or higher
SessionCrumbler

Authors

Reinout van Rees
Daniel Nouri

Created by Zest Software for Philips Research.