Hmm... we could check is HTTP auth is already set and if it is do not
overwrite it with our own.
Ilia
Rasmus Lerdorf wrote:
Ilia Alshanetsky wrote:
Perhaps we could add a basic HTTP auth for admin functions?
I would like to suggest that the password be stored as an md5 or sha1
checksum rather then plain text.
People are going to alias this thing and basic auth it themselves, most
likely. Don't want to override that. But perhaps we can have it a
config option. Built-in password that sets a cookie when entered, or
external http auth.
-Rasmus
