On Wed, Mar 02, 2011 at 02:28:11AM -0800, toutpt wrote: > storing plain-text password is a security issue by design.
I agree with you, of course. > I need to update it but I have done sth similar in collective.sugarcrm. The > authentication should be done on the external services, and you are supposed > to store the session id (valid for a short time period) that let the current > authenticated user access to some external resources. The problem is that my counterpart (the web service) allows only basic acces authentication. And it is just an experimental project. I expect we will try to implement something more advanced before going into production. For the present I just need a working plugin. Thank you anyway for your answer Andrea _______________________________________________ Product-Developers mailing list [email protected] https://lists.plone.org/mailman/listinfo/product-developers
