Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Authorization

Posted on 1998-10-16
4
159 Views
Last Modified: 2013-12-25
As in experts-exchage when the question is to be asked or something is to be accessed... the loginname and passowrd is asked... this login is then used to display the relevant data like the scored...

Now how is this login name accessed....
What method is used to do this

Thanks in advance....

NikhilH
0
Comment
Question by:nikhilh
  • 2
4 Comments
 
LVL 75

Expert Comment

by:Michel Plungjan
ID: 1829132
You should remove the other identical question

All about logins can be read here

http://www.webthing.com/tutorials/login.html
0
 
LVL 2

Author Comment

by:nikhilh
ID: 1829133
The site you have specified lists it for Apache server
and secondly it asks for a login....

I want to do that for MS IIS


0
 
LVL 11

Accepted Solution

by:
mouatts earned 100 total points
ID: 1829134
There are a number of ways to achieve this. The simplest is as follows.

Create a directory and place all your restricted files in this directory. Create a virtual directory that points to this. Turn password protection for this virtual directory on and add the users that you want added.

Now create another directory underneath this and put all your unprotected stuff in here. Now create a virtual directory that points to this second directory but place no security restrictions on it. For the sake of clarity I will call this the home directory although you don't need to set this.

Any links within the pages in the secure area should point to the home directory beneath relatively and not via the other virtual directory name.

Any links from the insecure home directory into the secure one should be via the virtual directory name.

So if anyone accesses the home directory directly they will be allowed access. But if they access the secure directory or the home directory via the secure one they will be prompted for the password.

One of the reasons for ensuring that the links are as I specified is because it ensures that the session remains constant one the password has been entered and therefore you can store information within the session object confident that it will be retained whilst they navigate the site.

Now whilst we can't get to the password we can get to the user name that was entered by as this is present as the HTTP environment variable LOGON_USER.

So if we wanted to print out the name of the logged on user we could use

<%=request.servervariables ("LOGON_USER")%>

Alternatively we could create a variable within the session_onstart subroutine stored within the global.asa file in the secure directory to hold this value as below.

sub session_onstart
Session("username")=request.Servervariables("LOGON_USER")
end sub

Steve
0
 
LVL 75

Expert Comment

by:Michel Plungjan
ID: 1829135
Nikhilh: You asked how it was done, not how to do it on IIS.
Sorry. The answer is still that it is done using basic authorisation which can be turned on in IIS as well.
Be aware that challenge response protection in IIS will only allow MSIE to acess the pages.

Michel

0

Featured Post

Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently I have been answering a lot of questions like this in IT forums that I frequent. The question posed is usually something along the lines of "We have software X installed and need to uninstall it for reason Y" or some other variant of the sa…
This article will show, step by step, how to integrate R code into a R Sweave document
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.

791 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question