Re: Permissions Ignored - PLEASE HELP

This WebDNA talk-list message is from

2003


It keeps the original formatting.
numero = 47057
interpreted = N
texte = Are you storing CC numbers? If so, email a link to the person whom takes the CC info. This person can then access a template protected by [protect] and via SSL for an encrypted connection. This template then accesses a credit card database (that is not accessibl via http or ftp). The template can have a form submit that deletes the info after access.DonovanKimberly D. Walls wrote:>More specifically, do you recommend I use [protect] for everything? Credit >card numbers as well? > > > > > >-----Original Message----- >From: WebCatalog Talk [mailto:WebDNA-Talk@talk.smithmicro.com]On Behalf >Of John Peacock >Sent: Wednesday, January 22, 2003 9:18 AM >To: WebCatalog Talk >Subject: Re: Permissions Ignored - PLEASE HELP > > >Kimberly D. Walls wrote: > > >>For an Orders directory, on top of SSL 128bit, I have permissions set to >>deny access to anyone outside of the admin group as well as specified >> >> >users. > > >>Inside this directory, I have index.html and this is what happens at the >>browser level: >> >>https://www.maggielyon.com:447/retail/orders/ username and password >> >> >prompt > > >>& index.html is automatically served >>https://www.maggielyon.com:447/retail/orders/index.html no username and >>password prompt & index.html is automatically served >> >> > >This is a misunderstanding of the web server's security realms. I assume >you >required a username/password to access the directory from the IIS management >app; however you have .html mapped to WebCat. By directly requesting the >mapped >file, you are going around the IIS security. You should be using WebCat >security to protect your files, not IIS security. > >HTH > >John > >-- >John Peacock >Director of Information Research and Technology >Rowman & Littlefield Publishing Group >4720 Boston Way >Lanham, MD 20706 >301-459-3366 x.5010 >fax 301-429-5747 > > >------------------------------------------------------------- >This message is sent to you because you are subscribed to > the mailing list . >To unsubscribe, E-mail to: >To switch to the DIGEST mode, E-mail to > >Web Archive of this list is at: http://webdna.smithmicro.com/ > > > > >------------------------------------------------------------- >This message is sent to you because you are subscribed to > the mailing list . >To unsubscribe, E-mail to: >To switch to the DIGEST mode, E-mail to >Web Archive of this list is at: http://webdna.smithmicro.com/ > > >------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: Permissions Ignored - PLEASE HELP (Alain Russell 2003)
  2. Re: Permissions Ignored - PLEASE HELP (Stuart Tremain 2003)
  3. Re: Permissions Ignored - PLEASE HELP (Gary Krockover 2003)
  4. Re: Permissions Ignored - PLEASE HELP (Alain Russell 2003)
  5. Re: Permissions Ignored - PLEASE HELP (Andrew Simpson 2003)
  6. Re: Permissions Ignored - PLEASE HELP (Alex McCombie 2003)
  7. Re: Permissions Ignored - PLEASE HELP (Andrew Simpson 2003)
  8. Re: Permissions Ignored - PLEASE HELP (Kenneth Grome 2003)
  9. Re: Permissions Ignored - PLEASE HELP (Bob Minor 2003)
  10. Re: Permissions Ignored - PLEASE HELP (Kimberly D. Walls 2003)
  11. Re: Permissions Ignored - PLEASE HELP (John Peacock 2003)
  12. Re: Permissions Ignored - PLEASE HELP (Donovan 2003)
  13. Re: Permissions Ignored - PLEASE HELP (WJ Starck 2003)
  14. Re: Permissions Ignored - PLEASE HELP (Donovan 2003)
  15. Re: Permissions Ignored - PLEASE HELP (Donovan 2003)
  16. Re: Permissions Ignored - PLEASE HELP (Kimberly D. Walls 2003)
  17. Re: Permissions Ignored - PLEASE HELP (John Peacock 2003)
  18. Re: Permissions Ignored - PLEASE HELP (Kimberly D. Walls 2003)
  19. Re: Permissions Ignored - PLEASE HELP (John Peacock 2003)
  20. Permissions Ignored - PLEASE HELP (Kimberly D. Walls 2003)
Are you storing CC numbers? If so, email a link to the person whom takes the CC info. This person can then access a template protected by [protect] and via SSL for an encrypted connection. This template then accesses a credit card database (that is not accessibl via http or ftp). The template can have a form submit that deletes the info after access.DonovanKimberly D. Walls wrote:>More specifically, do you recommend I use [protect] for everything? Credit >card numbers as well? > > > > > >-----Original Message----- >From: WebCatalog Talk [mailto:WebDNA-Talk@talk.smithmicro.com]On Behalf >Of John Peacock >Sent: Wednesday, January 22, 2003 9:18 AM >To: WebCatalog Talk >Subject: Re: Permissions Ignored - PLEASE HELP > > >Kimberly D. Walls wrote: > > >>For an Orders directory, on top of SSL 128bit, I have permissions set to >>deny access to anyone outside of the admin group as well as specified >> >> >users. > > >>Inside this directory, I have index.html and this is what happens at the >>browser level: >> >>https://www.maggielyon.com:447/retail/orders/ username and password >> >> >prompt > > >>& index.html is automatically served >>https://www.maggielyon.com:447/retail/orders/index.html no username and >>password prompt & index.html is automatically served >> >> > >This is a misunderstanding of the web server's security realms. I assume >you >required a username/password to access the directory from the IIS management >app; however you have .html mapped to WebCat. By directly requesting the >mapped >file, you are going around the IIS security. You should be using WebCat >security to protect your files, not IIS security. > >HTH > >John > >-- >John Peacock >Director of Information Research and Technology >Rowman & Littlefield Publishing Group >4720 Boston Way >Lanham, MD 20706 >301-459-3366 x.5010 >fax 301-429-5747 > > >------------------------------------------------------------- >This message is sent to you because you are subscribed to > the mailing list . >To unsubscribe, E-mail to: >To switch to the DIGEST mode, E-mail to > >Web Archive of this list is at: http://webdna.smithmicro.com/ > > > > >------------------------------------------------------------- >This message is sent to you because you are subscribed to > the mailing list . >To unsubscribe, E-mail to: >To switch to the DIGEST mode, E-mail to >Web Archive of this list is at: http://webdna.smithmicro.com/ > > >------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Donovan

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Encypt Question - Making New Users.db (1999) Gift Certificates? Any one have suggestions? (2000) Attn: Bug in GeneralStore example b15 (1997) Corruption in images (2004) Interfacing WC with mail server (1998) Multiple prices (1997) Extracting undeliverable email addresses (2003) Document Contains No Data! (1997) small hairball -- stuck on [showif] for related db (1998) docs for WebCatalog2 (1997) Re:WebCatalog f2 Installation (1997) [WebDNA] Debian Lenny, Lighttpd and WebDNA FastCGI ... (2010) Help! (1996) Emailer setup (1997) WebCatalog 4.0.1 has been released! (2000) Getting real time CC's out of Australia (1998) WebCat2b12 - nesting [tags] (1997) unable to launch acgi in WebCat (1997) WebCatalog Technical Reference (1997) WebDNA Grep assistance [lowercase] (2003)