?
Solved

Password protection - password created by users

Posted on 1998-11-05
5
Medium Priority
?
171 Views
Last Modified: 2013-12-25
I need a password protection program, run on a server that lets users create their own User Name and Password once they arrive on the page.  

After the password is created, then I need a way for the usual UserName/Password box to pop up.  The person enters their user name and password -- and then is given access to the restricted directories of the web site.

In addition, I need a way for the Administrator to easily go into the password lists and add/delete users.  It would be also be great if the Administration area would let the Administrator select the length of time the users' passwords would be valid -- i.e. 1-2-3 months, etc.  

I don't want java to play a part in this solution.  Strictly CGI-BIN scripting.  I don't know anything about CGI -- but would it be possible for the script to work on both UNIX and NT servers?

Thanks

Rowby

0
Comment
Question by:Rowby Goren
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
5 Comments
 
LVL 9

Author Comment

by:Rowby Goren
ID: 1829452
Edited text of question
0
 
LVL 9

Author Comment

by:Rowby Goren
ID: 1829453
Adjusted points to 300
0
 
LVL 9

Author Comment

by:Rowby Goren
ID: 1829454
Edited text of question
0
 

Accepted Solution

by:
Eck earned 600 total points
ID: 1829455
Hi rowby :]

Heres a solution for Unix/Apache, AFAIK it cant be done easily on NT/IIS from a script (unless a microsoft scripting 'language' like VBScript has special routines for it). but I suppose this would work with NT and win32 Apache *shrug*.

first you need to create a boilerplate access file called '.htaccess' in the directory you want to protect, this is the file that tells the server, that there is special authorisation needed to read that directory.. this should look something like this:

--.htaccess Snip--
AuthType Basic
AuthName ProtectedPages                             #Cosmetic Resource Text.
AuthUserFile /path.to.protected.dir/passfile       #the filename of the password file.
require user Admin Admin2                              #Users allowed to log on.

--Snip--

The you would create a boilerplate password file whos filename would be the one you specified on the AuthUserFile line in .htaccess file. i.e:

--passfile Snip--

Admin:5TmextAi8m4u2                    # Username:Encrypted password
Admin2:5TmextAi8m4u2                  # "                                          "

--Snip--

This password file gives 2 users (Admin,Admin2) access with the password 'Password'.


Thats it... All your script has to do is manipulate the 'require user' line of the .htaccess
and write/remove usernames:encrypted passwords from the password file.

That only skims the surface of web authorisation possabiltys with apache, it cant do a lot of funky things.. all is brilliantly explained on www.apache.org.

Hope that helps.
0
 
LVL 9

Author Comment

by:Rowby Goren
ID: 1829456
Hi, Eck --

Thanks for your response.  Would this system allow a user create their own password once they arrive on the page?  This is a key requirement.  Or I suppose it could automatically give the user a password from a list.

Could you clarify????


Thanks

Rowby
0

Featured Post

RHCE - Red Hat OpenStack Prep Course

This course will provide in-depth training so that students who currently hold the EX200 & EX210 certifications can sit for the EX310 exam. Students will learn how to deploy & manage a full Red Hat environment with Ceph block storage, & integrate Ceph into other OpenStack service

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This tutorial will discuss fancy secure registration forms, with AJAX technology support. In this article I assume you already know HTML and some JS. I will write the code using WhizBase Server Pages, so you need to know some basics in WBSP (you mig…
If you get a (Blue Screen of Death), your system writes a small file called a minidump. Your first step is to make certain your computer is setup to record memory dumps. Right click My Computer, choose properties. Click on the advanced tab, an…
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to count occurrences of each item in an array.
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question