On Wed, 9 Jun 2004, Peter Curran wrote:
> important (or relevant). Having authenticated via the external service, the
> user is redirected back to the portal with some embedded values in a GET
isnt this method susceptible to a man-in-the-middle replay attack ? a
traffic snooper could read the redirected http request from the client,
and replay this packet to the m0n0wall in order to get access.
Regards, /\_/\ "All dogs go to heaven."
dinesh at alphaque dot com (0 0) http://www.alphaque.com/
| for a in past present future; do |
| for b in clients employers associates relatives neighbours pets; do |
| echo "The opinions here in no way reflect the opinions of my $a $b." |
| done; done |