[Mailman-Developers] cookies
bwarsaw@python.org
bwarsaw@python.org
Wed, 10 May 2000 09:33:32 -0400 (EDT)
>>>>> "TW" == Thomas Wouters <thomas@xs4all.net> writes:
TW> Also, basic auth behaves differently from Cookies: they are
TW> hostname+path-based instead of just hostname-based, and they
TW> expire when the browser closes or another '401 auth required'
TW> occurs.
Jitterbug uses this and it sucks. If I have 3 different Jitterbug
projects on the same host, every time I authenticate to one, I lose
the authentication to the other. This loss is persistent across
sessions.
Now, maybe I don't have Jitterbug set up correctly, or maybe they have
bugs in their implementation, but I would hate it if Mailman worked
the same way.
I've been playing with SourceForge a lot lately[1] and I like what
they do. You login with username/password over a secure link and once
logged in, your primary interaction is across that link. Seems
intuitive, secure, and convenient. This is the direction I think I'd
like to go in.
-Barry
[1] In preparation for moving Mailman development over to SF!