[Moin-user] Moin Authentication using Hashed Cookie
Upen K
upenit at gmail.com
Thu May 1 14:39:45 EDT 2008
Hi,
I'm very new to MoinMoin. I need to modify the Moin-Moin authentication
mechanism to do the following:
1) Use the Hashed Cookie using a key that only Server knows. Thus, the
cookie can't be generated by evesdropper because he won't have the key even
if he knows other part of the cookie.
2) Reduce the TimeOut period of the cookie. This is to minimize replay
attacks by any user.
Does someone have any experience with it? OR can someone tell me what files
I need to modify to get this to work?
Thanks
Upender
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/moin-user/attachments/20080501/bf049178/attachment.html>
More information about the Moin-user
mailing list