First of all, is there a group addressing "Authentication " issues? I've
searched and could not find any - Plz. forgive if I have posted to the
wrong group or direct me to one dealing with these issues {preferred}
Hello!
I am putting together a multi-page sites, MySQL & PostgreSQL pages
included. I'd like to make all pages publicly visible, however on pages
containing defined features such as forms, certain scripts, SSI's etc
the running of these should be restricted to authenticated registered
users. Could someone advise how this can best be achieved. The use of
..htaccess type approaches don't quite do it as they restrict access to
whole directories and below, effectively denying access of the public to
whole sections of the site.
I've wondered about the use of cookies, but not been too familiar with
them have been a bit unsure.
Plz. advise and comment
Thanks!
Adam 2 1187
Adam Smith <ad*******@econ .com> writes: First of all, is there a group addressing "Authentication " issues? I've searched and could not find any - Plz. forgive if I have posted to the wrong group or direct me to one dealing with these issues {preferred}
The closest fit for server-side programming questions is
comp.infosystem s.www.authoring.cgi, but it's understandable that that
wouldn't be obvious.
I am putting together a multi-page sites, MySQL & PostgreSQL pages included. I'd like to make all pages publicly visible, however on pages containing defined features such as forms, certain scripts, SSI's etc the running of these should be restricted to authenticated registered users. Could someone advise how this can best be achieved. The use of .htaccess type approaches don't quite do it as they restrict access to whole directories and below, effectively denying access of the public to whole sections of the site.
Put text near the forms to let users know they are for registered users
only, then make the ACTION of each form point to a script under, e.g.,
/registered that is restricted by .htaccess.
I've wondered about the use of cookies, but not been too familiar with them have been a bit unsure.
You really have to know what you're doing to use cookies securely and
effectively. If you can make things work with .htaccess, do so.
-- http://ourdoings.com/ Easily organize and disseminate news and
photos for your family or group.
Thanks - a few more
Bruce Lewis wrote: Adam Smith <ad*******@econ .com> writes:
First of all, is there a group addressing "Authentication " issues? I've searched and could not find any - Plz. forgive if I have posted to the wrong group or direct me to one dealing with these issues {preferred}
The closest fit for server-side programming questions is comp.infosystem s.www.authoring.cgi, but it's understandable that that wouldn't be obvious.
I am putting together a multi-page sites, MySQL & PostgreSQL pages included. I'd like to make all pages publicly visible, however on pages containing defined features such as forms, certain scripts, SSI's etc the running of these should be restricted to authenticated registered users. Could someone advise how this can best be achieved. The use of .htaccess type approaches don't quite do it as they restrict access to whole directories and below, effectively denying access of the public to whole sections of the site.
Put text near the forms to let users know they are for registered users only, then make the ACTION of each form point to a script under, e.g., /registered that is restricted by .htaccess.
I've been running my scripts under `http:/my.domain.com/cgi-bin/ w/ an
alias removed from the document root. So if I were to create a .htaccess
protected directory, viz. /registered as an example, under the doc root,
each time a registered user attempts to run a script s/he would be
forced to go through an authentication step of inputing their
userid/password pair; [Is my thinking correct?]. I was hoping for
something with a more "persistent of state" attribute.I've wondered about the use of cookies, but not been too familiar with them have been a bit unsure.
You really have to know what you're doing to use cookies securely and effectively. If you can make things work with .htaccess, do so. This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Michael Foord |
last post by:
#!/usr/bin/python -u
# 15-09-04
# v1.0.0
# auth_example.py
# A simple script manually demonstrating basic authentication.
# Copyright Michael Foord
# Free to use, modify and relicense.
# No warranty express or implied for the accuracy, fitness to purpose
|
by: Bob Everland |
last post by:
I have an application that is ISAPI and the only way to
secure it is through NT permissions. I need to have a way
to login to windows authentication so that when I get to
the ISAPI application no boxes come up. I want an ASP page
to sit between the user and the ISAPI application. The
rest of my application is using authentication that is...
|
by: Billy Jacobs |
last post by:
I have a website which has both secure and non-secure
pages. I want to uses forms authentication. How do I
accomplish this?
Originally I had my web.config file in the root with Forms
Authentication set up and it worked just fine. Then I
realized that I needed to have some pages unsecure.
I then created 2 directories. One named Secure and...
|
by: Tom B |
last post by:
In my web.config file I've specified Windows for the authentication, in IIS
I've set it to Integrated Authentication.
But my SQL connection is still showing Anonymous.
Is there somewhere else I need to check?
Thanks
Win 2003, SQL Server 2000
|
by: Anonieko Ramos |
last post by:
ASP.NET Forms Authentication Best Practices
Dr. Dobb's Journal February 2004
Protecting user information is critical
By Douglas Reilly
Douglas is the author of Designing Microsoft ASP.NET Applications and
owner of Access Microsystems. Doug can be reached at
doug@accessmicrosystems.com....
| |
by: Andrew |
last post by:
Hey all,
I would like to preface my question by stating I am still learning ASP.net
and while I am confident in the basics and foundation, the more advanced
stuff is still a challenge. Ok. :)
|
by: Albertas |
last post by:
What I'm doing wrong that I can't make my authentication to work.
Here is the situation: I'm hosting a Web Service from a Windows forms
application, using .NET Framework 3.0 WCF. And I want to implement user
authentication.
Here is my Web Service class called "methods":
public class Authentication : SoapHeader
{
public String user;...
|
by: troywalker |
last post by:
I am new to LDAP and Directory Services, and I have a project that
requires me to authenticate users against a Sun Java System Directory
Server in order to access the application. I have found dozens of
examples of how to authenticate users against Active Directory, but AD
seems to be a different animal than Sun Java System Directory Server....
|
by: Frank Swarbrick |
last post by:
I am trying to understand "client authentication" works. My environment is
DB2/UDB LUW 8.2 on zSeries SLES9 as the database server and DB2 for VSE 7.4
as the client. We currently have DB2/LUW set up as follows:
Client Userid-Password Plugin (CLNT_PW_PLUGIN) =
Client Kerberos Plugin (CLNT_KRB_PLUGIN) =
Group Plugin ...
|
by: Rory Becker |
last post by:
Having now created a Custom MembershipProvider that seems to work correctly
with my Logon and ChangePassword controls, I am, as they say, a happy bunny.
The next stange is to move on to the creation of content which adjusts based
on the user.
I have several pages which require a user to be logged on and several which
do not. Prior to this...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main...
| |
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
|
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating...
| |