[Lispweb] Mod_lisp 2.0 released
dan at telent.net
Tue Jun 19 15:16:14 CDT 2001
John Foderaro <jkf at franz.com> writes:
> Security issues can be dealt with by having the app server look at
> the source address of the request. It's a trival matter to
> simply refuse to respond to requests outside of a range of IP addresses.
otoh, it's correspondingly harder to do IP address-based authentication
from within the Lisp processes, as the peer of your connection is
always localhost. Some proxies can do X-Proxy-Via (or whatever the
correct name is) but I'm not sure I'd really want to depend on a HTTP
header; it seems easier for a malicious client to fake.
Granted, IP authentication is not such a great idea anyway in general,
but on a reasonably trusted network it's often adequate.
http://ww.telent.net/cliki/ - Link farm for free CL-on-Unix resources
More information about the lispweb