RE: HTTP authentication - Mailing list pgsql-php

From Christian Marschalek
Subject RE: HTTP authentication
Date
Msg-id 000201c0cf5c$3e9a14c0$0200a8c0@server
Whole thread Raw
In response to HTTP authentication  ("Christian Marschalek" <cm@chello.at>)
Responses Re: HTTP authentication
Re: HTTP authentication
List pgsql-php
> -----Original Message-----
> From: Andrew Hammond [mailto:drew@waugh.econ.queensu.ca]
> Sent: Friday, April 27, 2001 8:21 PM
> To: Christian Marschalek
> Subject: Re: [PHP] HTTP authentication
>
> If you need _serious_ security, then you need to start
> thinking about using SSL and x.509 certificates.

I don't think the project needs to be THAT secure. But anyway, the SSL
stuff only secures my connection. I'd still need a way to control access
to my system, wouldn't I?

> Otherwise, you can reasonably use
> either the http auth stuff, which is probably the best approach,
> especially for a site that's got any kind of heavy usage or
> something based on PHP sessions.  However be forewarned that
> the sessions stuff isn't exactly the most efficient and fast.

(either?:)

Well PHP auth and sessions is probably the right aproach. Which one
would be more efficient or faster?

Thanks and greetings Chris


---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to majordomo@postgresql.org




pgsql-php by date:

Previous
From: "Christian Marschalek"
Date:
Subject: RE: Re[2]: HTTP authentication
Next
From: "Christian Marschalek"
Date:
Subject: RE: HTTP authentication