[Catalyst] ANNOUNCE: SimpleDB - Auth configuration made easy
Matt S Trout
dbix-class at trout.me.uk
Thu Nov 13 20:29:46 GMT 2008
On Mon, Oct 27, 2008 at 11:57:00PM -0600, Jason Kuri wrote:
> You can get clear passwords with no warnings by dropping SimpleDB for
> configuration purposes and using a 'standard' auth config that looks
> like this:
Which hides the badness.
Frankly I'd like to see -all- of authentication warn on cleartext passwords
unless you add some (preferably long) config option like
"insecure_password_storage_ok". The best thing about this is it makes it
obvious to a -maintainer- that their predecessor did this.
Remember that the person who benefits from seeing that that option has
been turned on may not be the person who originally turned it on.
--
Matt S Trout Need help with your Catalyst or DBIx::Class project?
Technical Director http://www.shadowcat.co.uk/catalyst/
Shadowcat Systems Ltd. Want a managed development or deployment platform?
http://chainsawblues.vox.com/ http://www.shadowcat.co.uk/servers/
More information about the Catalyst
mailing list