Re: SiteGuard Use Question

This WebDNA talk-list message is from

1997

It keeps the original formatting. numero = 12331
interpreted = N
texte = >>I found out that if you create a user in SiteGuard (i.e. account number)>>and leave a blank password it will accept it fine. So I want to bypass the>>normal Username & Password dialog box and present a form that asks for>>their current account number. So if they go to one of the protected pages>>via bookmark they first are sent to the login form.>>Let's assume you're talking about WebCatalog and not SiteGuard here, since>SiteGuard has very limited abilities in comparison. The WebDNA looks>similar in both, but SiteGuard can't do arbitrary databases.>>Things are a lot simpler if you use the standard password dialog, because>then the username is always available to you throughout the site, without>having to change any of your templates.>>Buuuut, if you're dead-set on *not* using the [Authenticate] password>dialog (perhaps because it's confusing to ask people to leave the password>field blank), then you'll need to manually propogate the username from>page to page. So on every subsequent link you would put something like href=nextpage.tmpl?username=[username]> so that the username first>entered into your form would move from page to page, and you could still>use [protect] or some other way of verifying the user on those subsequent>pages.Using Grant's suggestion here will work, but you should also consideranother effect this solution will have on your users.By passing their username in the URL of every link on your site (or atleast in the links of the 'protected' parts of your site) that usernamewill be displayed in the URL field of the user's web browser ALL THE TIME.This wouldn't be a problem for someone who never has anyone looking overhis/her shoulder, but for some people, this solution may end up being anannoyance - as well as a security problem - that they would not appreciateat all.I did this on one site I created, and I don't like it, so I won't be doingit again.A different solution might be to use the normal [authenticate] stuff that'sbuilt into WebCatalog, but give everyone the same password. Make thatpassword the name you're using for the service you're protecting. Then theydon't really have much to remember, because they would be able to rememberthe name of the area they are trying to get into, right?Neither of these are ideal solutions for your particular needs. I know,I've done both, and I much prefer to use the built-in [protect] featuresrather than trying to pass the username (and in my case the password) toevery other protected page on the site.Fortunately, WebCatalog 2.0 gives you a choice, which is very nice becausethen you can choose whichever solution works best for you ... :)Sincerely, Ken GromeWebDNA Solutions Associated Messages, from the most recent to the oldest:

Re: SiteGuard Use Question (Kenneth Grome 1997)
Re: SiteGuard Use Question (Grant Hulbert 1997)
SiteGuard Use Question (Mark Anderson 1997)

>>I found out that if you create a user in SiteGuard (i.e. account number)>>and leave a blank password it will accept it fine. So I want to bypass the>>normal Username & Password dialog box and present a form that asks for>>their current account number. So if they go to one of the protected pages>>via bookmark they first are sent to the login form.>>Let's assume you're talking about WebCatalog and not SiteGuard here, since>SiteGuard has very limited abilities in comparison. The WebDNA looks>similar in both, but SiteGuard can't do arbitrary databases.>>Things are a lot simpler if you use the standard password dialog, because>then the username is always available to you throughout the site, without>having to change any of your templates.>>Buuuut, if you're dead-set on *not* using the [authenticate] password>dialog (perhaps because it's confusing to ask people to leave the password>field blank), then you'll need to manually propogate the username from>page to page. So on every subsequent link you would put something like href=nextpage.tmpl?username=[username]> so that the username first>entered into your form would move from page to page, and you could still>use [protect] or some other way of verifying the user on those subsequent>pages.Using Grant's suggestion here will work, but you should also consideranother effect this solution will have on your users.By passing their username in the URL of every link on your site (or atleast in the links of the 'protected' parts of your site) that usernamewill be displayed in the URL field of the user's web browser ALL THE TIME.This wouldn't be a problem for someone who never has anyone looking overhis/her shoulder, but for some people, this solution may end up being anannoyance - as well as a security problem - that they would not appreciateat all.I did this on one site I created, and I don't like it, so I won't be doingit again.A different solution might be to use the normal [authenticate] stuff that'sbuilt into WebCatalog, but give everyone the same password. Make thatpassword the name you're using for the service you're protecting. Then theydon't really have much to remember, because they would be able to rememberthe name of the area they are trying to get into, right?Neither of these are ideal solutions for your particular needs. I know,I've done both, and I much prefer to use the built-in [protect] featuresrather than trying to pass the username (and in my case the password) toevery other protected page on the site.Fortunately, WebCatalog 2.0 gives you a choice, which is very nice becausethen you can choose whichever solution works best for you ... :)Sincerely, Ken GromeWebDNA Solutions Kenneth Grome

DOWNLOAD WEBDNA NOW!

Re: SiteGuard Use Question

1997

Top Articles:

Related Readings: