Re: Permissions Ignored - PLEASE HELP
This WebDNA talk-list message is from 2003
It keeps the original formatting.
numero = 47057
interpreted = N
texte = Are you storing CC numbers? If so, email a link to the person whom takes theCC info. This person can then access a template protected by [protect] and viaSSL for an encrypted connection. This template then accesses a credit card database(that is not accessibl via http or ftp). The template can have a form submit thatdeletes the info after access.DonovanKimberly D. Walls wrote:>More specifically, do you recommend I use [protect] for everything? Credit>card numbers as well?>>>>>>-----Original Message----->From: WebCatalog Talk [mailto:WebDNA-Talk@talk.smithmicro.com]On Behalf>Of John Peacock>Sent: Wednesday, January 22, 2003 9:18 AM>To: WebCatalog Talk>Subject: Re: Permissions Ignored - PLEASE HELP>>>Kimberly D. Walls wrote:> >>>For an Orders directory, on top of SSL 128bit, I have permissions set to>>deny access to anyone outside of the admin group as well as specified>> >>>users.> >>>Inside this directory, I have index.html and this is what happens at the>>browser level:>>>>https://www.maggielyon.com:447/retail/orders/ username and password>> >>>prompt> >>>& index.html is automatically served>>https://www.maggielyon.com:447/retail/orders/index.html no username and>>password prompt & index.html is automatically served>> >>>>This is a misunderstanding of the web server's security realms. I assume>you>required a username/password to access the directory from the IIS management>app; however you have .html mapped to WebCat. By directly requesting the>mapped>file, you are going around the IIS security. You should be using WebCat>security to protect your files, not IIS security.>>HTH>>John>>-->John Peacock>Director of Information Research and Technology>Rowman & Littlefield Publishing Group>4720 Boston Way>Lanham, MD 20706>301-459-3366 x.5010>fax 301-429-5747>>>------------------------------------------------------------->This message is sent to you because you are subscribed to> the mailing list
.>To unsubscribe, E-mail to: >To switch to the DIGEST mode, E-mail to>>Web Archive of this list is at: http://webdna.smithmicro.com/>>>>>------------------------------------------------------------->This message is sent to you because you are subscribed to> the mailing list .>To unsubscribe, E-mail to: >To switch to the DIGEST mode, E-mail to >Web Archive of this list is at: http://webdna.smithmicro.com/>> >-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Associated Messages, from the most recent to the oldest:
Are you storing CC numbers? If so, email a link to the person whom takes theCC info. This person can then access a template protected by [protect] and viaSSL for an encrypted connection. This template then accesses a credit card database(that is not accessibl via http or ftp). The template can have a form submit thatdeletes the info after access.DonovanKimberly D. Walls wrote:>More specifically, do you recommend I use [protect] for everything? Credit>card numbers as well?>>>>>>-----Original Message----->From: WebCatalog Talk [mailto:WebDNA-Talk@talk.smithmicro.com]On Behalf>Of John Peacock>Sent: Wednesday, January 22, 2003 9:18 AM>To: WebCatalog Talk>Subject: Re: Permissions Ignored - PLEASE HELP>>>Kimberly D. Walls wrote:> >>>For an Orders directory, on top of SSL 128bit, I have permissions set to>>deny access to anyone outside of the admin group as well as specified>> >>>users.> >>>Inside this directory, I have index.html and this is what happens at the>>browser level:>>>>https://www.maggielyon.com:447/retail/orders/ username and password>> >>>prompt> >>>& index.html is automatically served>>https://www.maggielyon.com:447/retail/orders/index.html no username and>>password prompt & index.html is automatically served>> >>>>This is a misunderstanding of the web server's security realms. I assume>you>required a username/password to access the directory from the IIS management>app; however you have .html mapped to WebCat. By directly requesting the>mapped>file, you are going around the IIS security. You should be using WebCat>security to protect your files, not IIS security.>>HTH>>John>>-->John Peacock>Director of Information Research and Technology>Rowman & Littlefield Publishing Group>4720 Boston Way>Lanham, MD 20706>301-459-3366 x.5010>fax 301-429-5747>>>------------------------------------------------------------->This message is sent to you because you are subscribed to> the mailing list .>To unsubscribe, E-mail to: >To switch to the DIGEST mode, E-mail to>>Web Archive of this list is at: http://webdna.smithmicro.com/>>>>>------------------------------------------------------------->This message is sent to you because you are subscribed to> the mailing list .>To unsubscribe, E-mail to: >To switch to the DIGEST mode, E-mail to >Web Archive of this list is at: http://webdna.smithmicro.com/>> >-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Donovan
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
Encypt Question - Making New Users.db (1999)
Gift Certificates? Any one have suggestions? (2000)
Attn: Bug in GeneralStore example b15 (1997)
Corruption in images (2004)
Interfacing WC with mail server (1998)
Multiple prices (1997)
Extracting undeliverable email addresses (2003)
Document Contains No Data! (1997)
small hairball -- stuck on [showif] for related db (1998)
docs for WebCatalog2 (1997)
Re:WebCatalog f2 Installation (1997)
[WebDNA] Debian Lenny, Lighttpd and WebDNA FastCGI ... (2010)
Help! (1996)
Emailer setup (1997)
WebCatalog 4.0.1 has been released! (2000)
Getting real time CC's out of Australia (1998)
WebCat2b12 - nesting [tags] (1997)
unable to launch acgi in WebCat (1997)
WebCatalog Technical Reference (1997)
WebDNA Grep assistance [lowercase] (2003)