| From: | "Christian Marschalek" <cm(at)chello(dot)at> |
|---|---|
| To: | "'Andrew Hammond'" <drew(at)waugh(dot)econ(dot)queensu(dot)ca> |
| Cc: | "[PHP] PostgreSQL" <pgsql-php(at)postgresql(dot)org> |
| Subject: | RE: HTTP authentication |
| Date: | 2001-04-27 20:54:21 |
| Message-ID: | 000201c0cf5c$3e9a14c0$0200a8c0@server |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-php |
> -----Original Message-----
> From: Andrew Hammond [mailto:drew(at)waugh(dot)econ(dot)queensu(dot)ca]
> Sent: Friday, April 27, 2001 8:21 PM
> To: Christian Marschalek
> Subject: Re: [PHP] HTTP authentication
>
> If you need _serious_ security, then you need to start
> thinking about using SSL and x.509 certificates.
I don't think the project needs to be THAT secure. But anyway, the SSL
stuff only secures my connection. I'd still need a way to control access
to my system, wouldn't I?
> Otherwise, you can reasonably use
> either the http auth stuff, which is probably the best approach,
> especially for a site that's got any kind of heavy usage or
> something based on PHP sessions. However be forewarned that
> the sessions stuff isn't exactly the most efficient and fast.
(either?:)
Well PHP auth and sessions is probably the right aproach. Which one
would be more efficient or faster?
Thanks and greetings Chris
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Christian Marschalek | 2001-04-27 20:56:40 | RE: Re[2]: HTTP authentication |
| Previous Message | Adam Lang | 2001-04-27 19:26:25 | Re: HTTP authentication |