RE: HTTP authentication

> -----Original Message-----
> From: Andrew Hammond [mailto:drew@waugh.econ.queensu.ca]
> Sent: Friday, April 27, 2001 8:21 PM
> To: Christian Marschalek
> Subject: Re: [PHP] HTTP authentication
>
> If you need _serious_ security, then you need to start
> thinking about using SSL and x.509 certificates.

I don't think the project needs to be THAT secure. But anyway, the SSL
stuff only secures my connection. I'd still need a way to control access
to my system, wouldn't I?

> Otherwise, you can reasonably use
> either the http auth stuff, which is probably the best approach,
> especially for a site that's got any kind of heavy usage or
> something based on PHP sessions.  However be forewarned that
> the sessions stuff isn't exactly the most efficient and fast.

(either?:)

Well PHP auth and sessions is probably the right aproach. Which one
would be more efficient or faster?

Thanks and greetings Chris


---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to majordomo@postgresql.org