Solved

Password protection - password created by users

Posted on 1998-11-05
5
166 Views
Last Modified: 2013-12-25
I need a password protection program, run on a server that lets users create their own User Name and Password once they arrive on the page.  

After the password is created, then I need a way for the usual UserName/Password box to pop up.  The person enters their user name and password -- and then is given access to the restricted directories of the web site.

In addition, I need a way for the Administrator to easily go into the password lists and add/delete users.  It would be also be great if the Administration area would let the Administrator select the length of time the users' passwords would be valid -- i.e. 1-2-3 months, etc.  

I don't want java to play a part in this solution.  Strictly CGI-BIN scripting.  I don't know anything about CGI -- but would it be possible for the script to work on both UNIX and NT servers?

Thanks

Rowby

0
Comment
Question by:Rowby Goren
  • 4
5 Comments
 
LVL 9

Author Comment

by:Rowby Goren
ID: 1829452
Edited text of question
0
 
LVL 9

Author Comment

by:Rowby Goren
ID: 1829453
Adjusted points to 300
0
 
LVL 9

Author Comment

by:Rowby Goren
ID: 1829454
Edited text of question
0
 

Accepted Solution

by:
Eck earned 300 total points
ID: 1829455
Hi rowby :]

Heres a solution for Unix/Apache, AFAIK it cant be done easily on NT/IIS from a script (unless a microsoft scripting 'language' like VBScript has special routines for it). but I suppose this would work with NT and win32 Apache *shrug*.

first you need to create a boilerplate access file called '.htaccess' in the directory you want to protect, this is the file that tells the server, that there is special authorisation needed to read that directory.. this should look something like this:

--.htaccess Snip--
AuthType Basic
AuthName ProtectedPages                             #Cosmetic Resource Text.
AuthUserFile /path.to.protected.dir/passfile       #the filename of the password file.
require user Admin Admin2                              #Users allowed to log on.

--Snip--

The you would create a boilerplate password file whos filename would be the one you specified on the AuthUserFile line in .htaccess file. i.e:

--passfile Snip--

Admin:5TmextAi8m4u2                    # Username:Encrypted password
Admin2:5TmextAi8m4u2                  # "                                          "

--Snip--

This password file gives 2 users (Admin,Admin2) access with the password 'Password'.


Thats it... All your script has to do is manipulate the 'require user' line of the .htaccess
and write/remove usernames:encrypted passwords from the password file.

That only skims the surface of web authorisation possabiltys with apache, it cant do a lot of funky things.. all is brilliantly explained on www.apache.org.

Hope that helps.
0
 
LVL 9

Author Comment

by:Rowby Goren
ID: 1829456
Hi, Eck --

Thanks for your response.  Would this system allow a user create their own password once they arrive on the page?  This is a key requirement.  Or I suppose it could automatically give the user a password from a list.

Could you clarify????


Thanks

Rowby
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The following is a collection of cases for strange behaviour when using advanced techniques in DOS batch files. You should have some basic experience in batch "programming", as I'm assuming some knowledge and not further explain the basics. For some…
This tutorial will discuss fancy secure registration forms, with AJAX technology support. In this article I assume you already know HTML and some JS. I will write the code using WhizBase Server Pages, so you need to know some basics in WBSP (you mig…
Learn the basics of lists in Python. Lists, as their name suggests, are a means for ordering and storing values. : Lists are declared using brackets; for example: t = [1, 2, 3]: Lists may contain a mix of data types; for example: t = ['string', 1, T…
The viewer will learn how to count occurrences of each item in an array.

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question