Solved

Password protection - password created by users

Posted on 1998-11-05
5
170 Views
Last Modified: 2013-12-25
I need a password protection program, run on a server that lets users create their own User Name and Password once they arrive on the page.  

After the password is created, then I need a way for the usual UserName/Password box to pop up.  The person enters their user name and password -- and then is given access to the restricted directories of the web site.

In addition, I need a way for the Administrator to easily go into the password lists and add/delete users.  It would be also be great if the Administration area would let the Administrator select the length of time the users' passwords would be valid -- i.e. 1-2-3 months, etc.  

I don't want java to play a part in this solution.  Strictly CGI-BIN scripting.  I don't know anything about CGI -- but would it be possible for the script to work on both UNIX and NT servers?

Thanks

Rowby

0
Comment
Question by:Rowby Goren
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
5 Comments
 
LVL 9

Author Comment

by:Rowby Goren
ID: 1829452
Edited text of question
0
 
LVL 9

Author Comment

by:Rowby Goren
ID: 1829453
Adjusted points to 300
0
 
LVL 9

Author Comment

by:Rowby Goren
ID: 1829454
Edited text of question
0
 

Accepted Solution

by:
Eck earned 300 total points
ID: 1829455
Hi rowby :]

Heres a solution for Unix/Apache, AFAIK it cant be done easily on NT/IIS from a script (unless a microsoft scripting 'language' like VBScript has special routines for it). but I suppose this would work with NT and win32 Apache *shrug*.

first you need to create a boilerplate access file called '.htaccess' in the directory you want to protect, this is the file that tells the server, that there is special authorisation needed to read that directory.. this should look something like this:

--.htaccess Snip--
AuthType Basic
AuthName ProtectedPages                             #Cosmetic Resource Text.
AuthUserFile /path.to.protected.dir/passfile       #the filename of the password file.
require user Admin Admin2                              #Users allowed to log on.

--Snip--

The you would create a boilerplate password file whos filename would be the one you specified on the AuthUserFile line in .htaccess file. i.e:

--passfile Snip--

Admin:5TmextAi8m4u2                    # Username:Encrypted password
Admin2:5TmextAi8m4u2                  # "                                          "

--Snip--

This password file gives 2 users (Admin,Admin2) access with the password 'Password'.


Thats it... All your script has to do is manipulate the 'require user' line of the .htaccess
and write/remove usernames:encrypted passwords from the password file.

That only skims the surface of web authorisation possabiltys with apache, it cant do a lot of funky things.. all is brilliantly explained on www.apache.org.

Hope that helps.
0
 
LVL 9

Author Comment

by:Rowby Goren
ID: 1829456
Hi, Eck --

Thanks for your response.  Would this system allow a user create their own password once they arrive on the page?  This is a key requirement.  Or I suppose it could automatically give the user a password from a list.

Could you clarify????


Thanks

Rowby
0

Featured Post

What Is Transaction Monitoring and who needs it?

Synthetic Transaction Monitoring that you need for the day to day, which ensures your business website keeps running optimally, and that there is no downtime to impact your customer experience.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It is becoming increasingly popular to have a front-page slider on a web site. Nearly every TV website,  magazine or online news has one on their site, and even some e-commerce sites have one. Today you can use sliders with Joomla, WordPress or …
In this tutorial I will show you how to make a simple HTML bar chart with the usage of WhizBase, If you want more information about WhizBase please read my previous articles at http://www.experts-exchange.com/ARTH_5123186.html (http://www.experts-ex…
Learn the basics of while and for loops in Python.  while loops are used for testing while, or until, a condition is met: The structure of a while loop is as follows:     while <condition>:         do something         repeate: The break statement m…
In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question