5 responses to “Auto-login: When to Ask for Help

  1. Hans Fredrik Nordhau

    What about HTTP basic authentication? I understand that it might be impossible because you base your current auto-login solution on Javascript interaction with forms. Any thoughts?

    Best regards,
    Hans

  2. @Hans
    Actually, it *is* possible, but it’s not implemented.

    I’ll add this to our feature requests. Thanks!

    Tara

  3. Hans Nordhaug

    So, is there any progress on the support for HTTP Basic Auth? Since many of my sites does indeed use HTTP Basic Auth, it is kind of important to me. I might have to switch to Clipperz if this isn’t a priority for you. (Sorry, this isn’t meant as a threat.)

  4. Hi Hans,
    No worries, no threat taken. It is on the list of things to do, but I have to be honest, it’s not a top priority.

    We’ve yet to find a truly secure way of handling it. Does Clipperz allow that?

    One option might be storing those logins in Clipperz as a slave account to your Passpack account. Passpack’s auto-login can log you into Clipperz, but not the other way around.

    Hope that helps.

  5. Hans Nordhaug

    Hm, I don’t understand how HTTP Basic AUTH is harder to get secure? It’s just a HTTP request with an extra header “Authorization: Basic …”. Can’t you just send the request directly?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s