Evaluating a new login resource
is it a scriptable mechanism?
- (+) session information in predictable location
- (+) single stable session ID for single session
- (+) username/password hidden from final URL
- (–) cookie-based session information
- (–) login via basic authorization
- (–) Secure Socket Layers (SSL)
(how) can we script to needed level of site?