Re: Authentication issue

This WebDNA talk-list message is from

2006

It keeps the original formatting. numero = 63777
interpreted = N
texte = Thanks Jesse & John. I was hoping I could be lazy and just use the Users.db for authentication. I'll have to encrypt a password for each member into my own members.db & use cookies to bounce anyone without a valid user/pass.PatOn Jan 7, 2006, at 9:53 AM, John Peacock wrote:> Patrick McCormick wrote:> fields [username] and [password] like I expected. I can display>> [username] and [password] within [formvariables], but not by >> themselves>> (!?)>> That's correct because if you name fields like that in a preceeding > form, the> only place they will be valid is within [formvariables]. There is > nothing> special about those field names (you can call them [stanley] and > [ollie] if you> like).>>> Also, the username and password entered into the form seem to be>> independent variables from those entered into an authenticate dialog.>> That is also true, because the *browser* doesn't (in general) > recognize the> fieldnames as being the same as the authentication dialog. > WebDNA's [protect]> tag uses "Basic Authentication" for its operation (you can look it > up with> Google), so you must get the browser involved.>>> How can I synchronize the authentication user/pass with inputs from a>> form? I'd like the values entered into the form on the first page to>> simply handle authentication.>> If this isn't intended to be a very secure method, you can place an > intermediate> page between your "form" and your "[protect]" and redirect like this:>> user:password@http://site/protected/page>> and that will "seed" the browser's authentication cache for > subsequent pages.> If you want to be more secure than that (since there is that single > page which> passes the authentication in the open), you can switch to SSL for > that page or> write your own authentication scheme which uses a cookie instead.>> John>> -- > John Peacock> Director of Information Research and Technology> Rowman & Littlefield Publishing Group> 4720 Boston Way> Lanham, MD 20706> 301-459-3366 x.5010> fax 301-429-5747>> -------------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to digest@talk.smithmicro.com>> Web Archive of this list is at: http://webdna.smithmicro.com/>-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

Re: Authentication issue ( Patrick McCormick 2006)
Re: Authentication issue ( John Peacock 2006)
Re: Authentication issue ( Jesse Proudman 2006)
Authentication issue ( Patrick McCormick 2006)

Thanks Jesse & John. I was hoping I could be lazy and just use the Users.db for authentication. I'll have to encrypt a password for each member into my own members.db & use cookies to bounce anyone without a valid user/pass.PatOn Jan 7, 2006, at 9:53 AM, John Peacock wrote:> Patrick McCormick wrote:> fields [username] and [password] like I expected. I can display>> [username] and [password] within [formvariables], but not by >> themselves>> (!?)>> That's correct because if you name fields like that in a preceeding > form, the> only place they will be valid is within [formvariables]. There is > nothing> special about those field names (you can call them [stanley] and > [ollie] if you> like).>>> Also, the username and password entered into the form seem to be>> independent variables from those entered into an authenticate dialog.>> That is also true, because the *browser* doesn't (in general) > recognize the> fieldnames as being the same as the authentication dialog. > WebDNA's [protect]> tag uses "Basic Authentication" for its operation (you can look it > up with> Google), so you must get the browser involved.>>> How can I synchronize the authentication user/pass with inputs from a>> form? I'd like the values entered into the form on the first page to>> simply handle authentication.>> If this isn't intended to be a very secure method, you can place an > intermediate> page between your "form" and your "[protect]" and redirect like this:>> user:password@http://site/protected/page>> and that will "seed" the browser's authentication cache for > subsequent pages.> If you want to be more secure than that (since there is that single > page which> passes the authentication in the open), you can switch to SSL for > that page or> write your own authentication scheme which uses a cookie instead.>> John>> -- > John Peacock> Director of Information Research and Technology> Rowman & Littlefield Publishing Group> 4720 Boston Way> Lanham, MD 20706> 301-459-3366 x.5010> fax 301-429-5747>> -------------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to digest@talk.smithmicro.com>> Web Archive of this list is at: http://webdna.smithmicro.com/>-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Patrick McCormick

DOWNLOAD WEBDNA NOW!

Re: Authentication issue

2006

Top Articles:

Related Readings: