Re: Authenticate Questions

This WebDNA talk-list message is from

2003


It keeps the original formatting.
numero = 49656
interpreted = N
texte = Matthew Bohne wrote: > If I have an [authenticate] tag on secure.mydomain.com, will keep the [username] and [password] values when I move to www.mydomain.com? and beyond as long as I am still at mydomain.com? Does this work if the subdomains are on different servers?The browser will typically cache the authentication for the length of the session, but it will only present the authentication to the exact same hostname, in this case secure.mydomain.com. In other words, if they go to games.mydomain.com, you cannot get the same authentication keys, but if they go back to secure.mydomain.com, it will silently represent the authentication. This is a security feature.One thing you can do is to set a cookie when they are authenticated, using domain=.mydomain.com, then you can retrieve that cookie on other related hostnames of the domain. Don't store their actual username/password in the cookie, just store a [cart] and check the value against a database (which allows you to time out the authorization independently of the cookie expiration).John-- John Peacock Director of Information Research and Technology Rowman & Littlefield Publishing Group 4501 Forbes Boulevard Suite H Lanham, MD 20706 301-459-3366 x.5010 fax 301-429-5748 ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: Authenticate Questions (Matthew Bohne 2003)
  2. Re: Authenticate Questions (Alex McCombie 2003)
  3. Re: Authenticate Questions (Scott Anderson 2003)
  4. Re: Authenticate Questions (Alain Russell 2003)
  5. Re: Authenticate Questions (Scott Anderson 2003)
  6. Re: Authenticate Questions (Kenneth Grome 2003)
  7. Re: Authenticate Questions (Alain Russell 2003)
  8. Re: Authenticate Questions (Kenneth Grome 2003)
  9. Re: Authenticate Questions (Matthew Bohne 2003)
  10. Re: Authenticate Questions (John Peacock 2003)
  11. Authenticate Questions (Matthew Bohne 2003)
Matthew Bohne wrote: > If I have an [authenticate] tag on secure.mydomain.com, will keep the [username] and [password] values when I move to www.mydomain.com? and beyond as long as I am still at mydomain.com? Does this work if the subdomains are on different servers?The browser will typically cache the authentication for the length of the session, but it will only present the authentication to the exact same hostname, in this case secure.mydomain.com. In other words, if they go to games.mydomain.com, you cannot get the same authentication keys, but if they go back to secure.mydomain.com, it will silently represent the authentication. This is a security feature.One thing you can do is to set a cookie when they are authenticated, using domain=.mydomain.com, then you can retrieve that cookie on other related hostnames of the domain. Don't store their actual username/password in the cookie, just store a [cart] and check the value against a database (which allows you to time out the authorization independently of the cookie expiration).John-- John Peacock Director of Information Research and Technology Rowman & Littlefield Publishing Group 4501 Forbes Boulevard Suite H Lanham, MD 20706 301-459-3366 x.5010 fax 301-429-5748 ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ John Peacock

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Using [showif] within [lineitems] [code fragment] (2000) Re:quit command on NT (1997) WebCat hosting providers? (1997) Upload files (2004) Using Cookie for client specific info? (1997) PCS Frames (1997) RE: what characters are replaced for tab and CR? (1998) unable to launch acgi in WebCat (1997) Re:Running 2 two WebCatalog.acgi's (1996) SOP for WebDNA talk - MSNBot Crashing (2004) Emailer problem with WC 2.1, NT, WebSite 2.1 (1998) Help formatting search results w/ table (1997) caching -check- (2001) Banners (1997) Emailer again & again (1997) Fun with Dates - revisited (again) (1997) Can I invoke an ssi plugin from within a webcat page (1997) Folder Follies (1998) Quickie question on the email templates (1997) Forms Search Questions (1997)