Has anyone tried to play with the Connection widget or the new authentication mechanisms in MT4.2, not for managing comments but for protecting a page or a script? I'm trying to figure out a way to protect a page, using PHP and MT's own users database, and I haven't yet figured out how to do that. There seem to be some interesting new things in 4.2 but I'm mainly concerned about two things: - the main cookie that stores the session magic_token is restricted to the MT CGI path, so it's not returned to pages, - I cannot trust anything that relies on Javascript on the browser side for security.
Reported on Movable Type 4.2
I know pretty much exactly what you're looking for, and it's right here: http://blog.movalog.com/a/privacy-21-beta/
Maybe we can get a movement going to convince 6A to buy the IP from Arvind and maintain it as a mainstream part of Movable Type.