Re: protect tag on NT IIS
This WebDNA talk-list message is from 1997
It keeps the original formatting.
numero = 14745
interpreted = N
texte = >>Whether or not your pages are protected with a [protect] tag has>>nothing to do with WebCat's CommandSecurity and CommandsAllowed>>prefs. Pages protected with the [protect] tag only check the users.db>>for an acceptable username/password based on the group named in the>>protect tag.>>This is what I thought. But when I use $append within a form on a page>that is [protect]ed, webcat throws up the IIS-forms based page asking for>my username and password. No matter what I type in, the page does NOT>pass this protection. Then only way I got it to append was to (1) change>the preferences to allow for anonymous appends which I don't like and (2)>use the [append] context.>>My question is: Can I use the NT version with IIS and use a form based>append command on a [protect]ed page without adding append to my webcat>preferences for anonymous access? It seems to me that using forms based>append is not anonymous and is coming from the tpl file, not a URL. Is>this an IIS thing?Basically, WebCat sees no difference in getting a command from a URLor from a form. Because of this, you must enable the append commandin the prefs if you want to use an append command from either a formor a hyperlink. Unless ...I seem to recall a *possible* way around this, and I have no ideawhether my memory is correct on this point or not, but:You may NOT have to enable the append command in your prefs, providedthe username and password values entered into the IIS-forms basedpage have ADMIN access. To test this theory, try entering theusername and password of someone in the admin group when that formpops up, and maybe your append will work.If it does, at least you'll know that only those with admin accesswill be able to append from your form. That may not be what youreally want, but you can always deal with this simply by putting yourappend into a context instead. Contexts are more secure anyways ... :)Sincerely, Ken GromeWebDNA Solutionshttp://www.smithmicro.com/webdnasolutions/.
Associated Messages, from the most recent to the oldest:
>>Whether or not your pages are protected with a
[protect] tag has>>nothing to do with WebCat's CommandSecurity and CommandsAllowed>>prefs. Pages protected with the
[protect] tag only check the users.db>>for an acceptable username/password based on the group named in the>>protect tag.>>This is what I thought. But when I use $append within a form on a page>that is
[protect]ed, webcat throws up the IIS-forms based page asking for>my username and password. No matter what I type in, the page does NOT>pass this protection. Then only way I got it to append was to (1) change>the preferences to allow for anonymous appends which I don't like and (2)>use the
[append] context.>>My question is: Can I use the NT version with IIS and use a form based>append command on a
[protect]ed page without adding append to my webcat>preferences for anonymous access? It seems to me that using forms based>append is not anonymous and is coming from the tpl file, not a URL. Is>this an IIS thing?Basically, WebCat sees no difference in getting a command from a URLor from a form. Because of this, you must enable the append commandin the prefs if you want to use an append command from either a formor a hyperlink. Unless ...I seem to recall a *possible* way around this, and I have no ideawhether my memory is correct on this point or not, but:You may NOT have to enable the append command in your prefs, providedthe username and password values entered into the IIS-forms basedpage have ADMIN access. To test this theory, try entering theusername and password of someone in the admin group when that formpops up, and maybe your append will work.If it does, at least you'll know that only those with admin accesswill be able to append from your form. That may not be what youreally want, but you can always deal with this simply by putting yourappend into a context instead. Contexts are more secure anyways ... :)Sincerely, Ken GromeWebDNA Solutionshttp://www.smithmicro.com/webdnasolutions/.
Kenneth Grome
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
Database (1999)
Re:HTTP header line is too long? (1997)
Hiding HTML and breaking the page (1997)
My slower response (1997)
firewall ports for Mac OS X/WebCatalog (2001)
WebCat for Site Search? (1997)
Catalogs and W* (1996)
Handy Browser Counter Tip (1997)
Form Validation (2000)
Non-Cart Files in Shopping Cart Folder (1997)
WCS Newbie question (1997)
service stop and restart (1997)
[WebDNA] AC paymethod is missing (2008)
more on quicktime test stuff (1997)
ODBC to WebCat (2000)
New Command prefs ... (1997)
WebCat2b14MacPlugIn - [include] doesn't hide the search string (1997)
setlineiems and UnitShip Cost (2000)
Mac 3.0.5b11 PI -- template cache and aliases (1999)
SiteEdit Pro Update Announcement (1997)