[geeklog-devel] Atom publishing
dirk at haun-online.de
Thu May 29 14:48:39 EDT 2008
(sigh, this was supposed to go to the list)
Damien Hodgkin wrote:
>1. create a "nonce"
There is actually a working WSSE implementation in system/lib-
webservices.php. It's commented out, though. But if you had the user's
unencrypted password, you could use it.
I tested it with a hack where I simply used the password hash as my
"password" on the other end. That's very insecure of course and I only
used it on a test setup. None of this went into Geeklog's code.
More information about the geeklog-devel