Apache Realms and [PROTECT]
This WebDNA talk-list message is from 2003
It keeps the original formatting.
numero = 53681
interpreted = N
texte = I have a site that uses WebDNA to authenticate users. Users enter theirusername/password in a form, and WebDNA checks their info against theUsers.db file. If the info is valid, they are redirected to a new[PROTECT]'ed page using the following scheme. This allows the browser tocache the username/password info.http://username:password@www.mydomain.com/home.tplThis has worked well for months, but users found out that they were able toaccess Word/Excel documents in the "files" directory on this site by callingthem up via the correct address/path. This allowed them to bypass the loginpage, so I set up an Apache realm to protect the "files" directory and allsubdirectories/files within it.Even when they're logged in properly, some users are now presented with anauthentication dialog when they try to access a Word or Excel document inthe "files" directory.Is there a problem with using [PROTECT] and my login scheme with Apacherealms?I can post the login code if it will help.---------------------------------------------------------------------Clint DavisWebmaster / Interactive Media SpecialistGray Loon Marketing Group, Inc. http://www.grayloon.com204 Main Street | Evansville, IN 47708 | Phone:812-422-9999----------------------------------------------------------------------------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list
.To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Associated Messages, from the most recent to the oldest:
I have a site that uses WebDNA to authenticate users. Users enter theirusername/password in a form, and WebDNA checks their info against theUsers.db file. If the info is valid, they are redirected to a new[protect]'ed page using the following scheme. This allows the browser tocache the username/password info.http://username:password@www.mydomain.com/home.tplThis has worked well for months, but users found out that they were able toaccess Word/Excel documents in the "files" directory on this site by callingthem up via the correct address/path. This allowed them to bypass the loginpage, so I set up an Apache realm to protect the "files" directory and allsubdirectories/files within it.Even when they're logged in properly, some users are now presented with anauthentication dialog when they try to access a Word or Excel document inthe "files" directory.Is there a problem with using [protect] and my login scheme with Apacherealms?I can post the login code if it will help.---------------------------------------------------------------------Clint DavisWebmaster / Interactive Media SpecialistGray Loon Marketing Group, Inc. http://www.grayloon.com204 Main Street | Evansville, IN 47708 | Phone:812-422-9999----------------------------------------------------------------------------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Clint Davis
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
Almost There But? WebCat Keeps Changing Cart Numbers on Me! (2002)
PIXO support (1997)
Problem 2 of 2 (was: Shipping Confusion) (2000)
[WebDNA] Sorry WebDNA server not running /Template ERROR/ Slow speeds (2019)
can WC render sites out? (1997)
[WebDNA] .htm files (2008)
Country & Ship-to address & other fields ? (1997)
WebCatalog Hosting (1996)
RE: Ongoing group search problems ... (1997)
Limit to Field Length in DB (1998)
setting HTTP response header (1998)
Error Msg (1997)
[Announce] Newest Commerce Site based on WebCatalog (1997)
2.0.1 new commands and contexts (1997)
How long until WebDNA makes the list? :( (2004)
File Upload (1997)
2.1 bugs left over from beta cycle (1998)
Ampersand (1997)
customizing the color of user's pages (1997)
Re:2nd WebCatalog2 Feature Request (1996)