Apache Realms and [PROTECT]
This WebDNA talk-list message is from 2003
It keeps the original formatting.
numero = 53681
interpreted = N
texte = I have a site that uses WebDNA to authenticate users. Users enter theirusername/password in a form, and WebDNA checks their info against theUsers.db file. If the info is valid, they are redirected to a new[PROTECT]'ed page using the following scheme. This allows the browser tocache the username/password info.http://username:password@www.mydomain.com/home.tplThis has worked well for months, but users found out that they were able toaccess Word/Excel documents in the "files" directory on this site by callingthem up via the correct address/path. This allowed them to bypass the loginpage, so I set up an Apache realm to protect the "files" directory and allsubdirectories/files within it.Even when they're logged in properly, some users are now presented with anauthentication dialog when they try to access a Word or Excel document inthe "files" directory.Is there a problem with using [PROTECT] and my login scheme with Apacherealms?I can post the login code if it will help.---------------------------------------------------------------------Clint DavisWebmaster / Interactive Media SpecialistGray Loon Marketing Group, Inc. http://www.grayloon.com204 Main Street | Evansville, IN 47708 | Phone:812-422-9999----------------------------------------------------------------------------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list
.To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Associated Messages, from the most recent to the oldest:
I have a site that uses WebDNA to authenticate users. Users enter theirusername/password in a form, and WebDNA checks their info against theUsers.db file. If the info is valid, they are redirected to a new[protect]'ed page using the following scheme. This allows the browser tocache the username/password info.http://username:password@www.mydomain.com/home.tplThis has worked well for months, but users found out that they were able toaccess Word/Excel documents in the "files" directory on this site by callingthem up via the correct address/path. This allowed them to bypass the loginpage, so I set up an Apache realm to protect the "files" directory and allsubdirectories/files within it.Even when they're logged in properly, some users are now presented with anauthentication dialog when they try to access a Word or Excel document inthe "files" directory.Is there a problem with using [protect] and my login scheme with Apacherealms?I can post the login code if it will help.---------------------------------------------------------------------Clint DavisWebmaster / Interactive Media SpecialistGray Loon Marketing Group, Inc. http://www.grayloon.com204 Main Street | Evansville, IN 47708 | Phone:812-422-9999----------------------------------------------------------------------------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Clint Davis
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
(1997)
Protect (1997)
emailer setup (1997)
webcatalog 2.1.3 ACGI Weirdness? (1998)
Re[2]: Weird [blank] interpretation (1999)
WebCat2b15MacPlugin - [protect] (1997)
Bug Report, maybe (1997)
email database file (2005)
The Guru, The Mooseman, Susie and Is That Really the Only Manual? (1998)
v6 Development copy download link seems to be offline? (2004)
WebCat2 - [format thousands] (1997)
Editor Recommendation for NT Users (1998)
Mem per threads (1998)
InternetWeek E-Commerce article (1998)
Trouble with formula.db (1997)
RE: [taxRate] [TaxTotal] ? (1997)
Verifying both name and password (was: New Problem) (1997)
Trouble serving graphics on protected templates (1998)
Thanks Grant (1997)
[Correction] Why does lineitems loop in sendmail = crash ? (2000)