Re: protect (summer holidays with wcat???)

This WebDNA talk-list message is from

2000

It keeps the original formatting. numero = 35823
interpreted = N
texte = all the problems you read about here were related to people trying to implement atrick so that users could enter their user/pass via standard HTML form *rather than*the authentication diaolog that normally comes up when someone hits a page that has[protect] or [authenticate] in it. If you follow the beaten path then you should nothave any trouble (other than the learning curve to get the normal stuff working).I use a customAccess.db and therefore [authenticate] instead of the built in users.dband [protect]. But that is only because I do not have access to users.db nor thewebcat admin interface. (I am not the host.) If you are running your own copy ofwebcat then I *think* (not 100% sure) you will have the easiest time using [protect](not [authentivate]) and simply making special templates which your client can use toadd/mod/remove certain records in the users.db. [Protect] those templates with a groupthat only you and your client belongs to. On those templates only allow your client tomess with users.db records that belong to group(s) which are *not* part of the webcatadmin group, nor the group you use to protect the templates your client will use.I may have missed something, or even made a big error in this thinking, so try tosolicit a 2nd opinion.-Johnblo wrote:> hi!>> I have to build a webstore that will only be accessible to registered> users (username + password);>> I don't want to give wcat admin privs to my client; (my client must be> able to add/modify users via web)>> The site will not have any ssl page; (does this make things easier?)>> It has to work with both clients on both platforms; (this sure does)>> I've read of many problems in this list regarding all the [protect]> stuff, like browsers behaving in different ways, username + password> requested more than once etc;>> I'm using a 9600 w/ Web*3 and Wcat 3 (cgi)>> I don't know if I better do a home-made protection (w/ form variables,> ids etc) or use the protection stuff offered by wcat.>> any advice?> tnxs>> -------------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to > Web Archive of this list is at: http://search.smithmicro.com/-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ Associated Messages, from the most recent to the oldest:

Re: protect (summer holidays with wcat???) (John Butler 2000)
Re: protect (summer holidays with wcat???) (blo 2000)
protect (summer holidays with wcat???) (blo 2000)

all the problems you read about here were related to people trying to implement atrick so that users could enter their user/pass via standard HTML form *rather than*the authentication diaolog that normally comes up when someone hits a page that has[protect] or [authenticate] in it. If you follow the beaten path then you should nothave any trouble (other than the learning curve to get the normal stuff working).I use a customAccess.db and therefore [authenticate] instead of the built in users.dband [protect]. But that is only because I do not have access to users.db nor thewebcat admin interface. (I am not the host.) If you are running your own copy ofwebcat then I *think* (not 100% sure) you will have the easiest time using [protect](not [authentivate]) and simply making special templates which your client can use toadd/mod/remove certain records in the users.db. [protect] those templates with a groupthat only you and your client belongs to. On those templates only allow your client tomess with users.db records that belong to group(s) which are *not* part of the webcatadmin group, nor the group you use to protect the templates your client will use.I may have missed something, or even made a big error in this thinking, so try tosolicit a 2nd opinion.-Johnblo wrote:> hi!>> I have to build a webstore that will only be accessible to registered> users (username + password);>> I don't want to give wcat admin privs to my client; (my client must be> able to add/modify users via web)>> The site will not have any ssl page; (does this make things easier?)>> It has to work with both clients on both platforms; (this sure does)>> I've read of many problems in this list regarding all the [protect]> stuff, like browsers behaving in different ways, username + password> requested more than once etc;>> I'm using a 9600 w/ Web*3 and Wcat 3 (cgi)>> I don't know if I better do a home-made protection (w/ form variables,> ids etc) or use the protection stuff offered by wcat.>> any advice?> tnxs>> -------------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to > Web Archive of this list is at: http://search.smithmicro.com/-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ John Butler

DOWNLOAD WEBDNA NOW!

Re: protect (summer holidays with wcat???)

2000

Top Articles:

Related Readings: