Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Authorization

Posted on 1998-10-16
4
Medium Priority
?
164 Views
Last Modified: 2013-12-25
As in experts-exchage when the question is to be asked or something is to be accessed... the loginname and passowrd is asked... this login is then used to display the relevant data like the scored...

Now how is this login name accessed....
What method is used to do this

Thanks in advance....

NikhilH
0
Comment
Question by:nikhilh
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 75

Expert Comment

by:Michel Plungjan
ID: 1829132
You should remove the other identical question

All about logins can be read here

http://www.webthing.com/tutorials/login.html
0
 
LVL 2

Author Comment

by:nikhilh
ID: 1829133
The site you have specified lists it for Apache server
and secondly it asks for a login....

I want to do that for MS IIS


0
 
LVL 11

Accepted Solution

by:
mouatts earned 400 total points
ID: 1829134
There are a number of ways to achieve this. The simplest is as follows.

Create a directory and place all your restricted files in this directory. Create a virtual directory that points to this. Turn password protection for this virtual directory on and add the users that you want added.

Now create another directory underneath this and put all your unprotected stuff in here. Now create a virtual directory that points to this second directory but place no security restrictions on it. For the sake of clarity I will call this the home directory although you don't need to set this.

Any links within the pages in the secure area should point to the home directory beneath relatively and not via the other virtual directory name.

Any links from the insecure home directory into the secure one should be via the virtual directory name.

So if anyone accesses the home directory directly they will be allowed access. But if they access the secure directory or the home directory via the secure one they will be prompted for the password.

One of the reasons for ensuring that the links are as I specified is because it ensures that the session remains constant one the password has been entered and therefore you can store information within the session object confident that it will be retained whilst they navigate the site.

Now whilst we can't get to the password we can get to the user name that was entered by as this is present as the HTTP environment variable LOGON_USER.

So if we wanted to print out the name of the logged on user we could use

<%=request.servervariables ("LOGON_USER")%>

Alternatively we could create a variable within the session_onstart subroutine stored within the global.asa file in the secure directory to hold this value as below.

sub session_onstart
Session("username")=request.Servervariables("LOGON_USER")
end sub

Steve
0
 
LVL 75

Expert Comment

by:Michel Plungjan
ID: 1829135
Nikhilh: You asked how it was done, not how to do it on IIS.
Sorry. The answer is still that it is done using basic authorisation which can be turned on in IIS as well.
Be aware that challenge response protection in IIS will only allow MSIE to acess the pages.

Michel

0

Featured Post

Create CentOS 7 Newton Packstack Running Keystone

A bug was filed against RDO for the installation of Keystone v3. This guide is designed to walk you through the configuration for using Keystone v3 with Packstack. You will accomplish this using various repos and the Answers file.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Making a simple AJAX shopping cart Couple years ago I made my first shopping cart, I used iframe and JavaScript, it was very good at that time, there were no sessions or AJAX, I used cookies on clients machine. Today we have more advanced techno…
This article is meant to give a basic understanding of how to use R Sweave as a way to merge LaTeX and R code seamlessly into one presentable document.
Learn the basics of lists in Python. Lists, as their name suggests, are a means for ordering and storing values. : Lists are declared using brackets; for example: t = [1, 2, 3]: Lists may contain a mix of data types; for example: t = ['string', 1, T…
In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question