?
Solved

Presenting an access control window to the user

Posted on 1999-01-11
8
Medium Priority
?
200 Views
Last Modified: 2010-04-09
 if you enter www.creative-club.com/ then the first thing
  you will see is an access control window.

  It looks like the window presented are caused by some
  network validation things....
  Whatever the reason is for the window to be presented
  on creative-club.com  ....I just want a similar way of
  presenting and checking users for valid ID's...but
  whithout changing any contents in the current viewed
  pages (where ever the user might be in my site),,,and
  also be able to use it before anyone can see my welcome
  pages as well.

  -How can I create a window like this?
  -How do I present it to the user?
  -And how do I still keep window open for more tries
    if the user enters wrong userid and/or password?
 
  Examplecode please.  

  I'm using FrontPage98, ASP, Windows95 and PersonalServer
  and are familar with VBScript and some JavaScript.
0
Comment
Question by:erot
  • 4
  • 3
8 Comments
 
LVL 6

Expert Comment

by:PBall
ID: 1841578
You used to be able to do this with the older PWS, but not anymore.  Now, this is only available on fullblown IIS 4.0.

To present the access control window, simply remove unanymous user access from the web and enable basic authentication.  This will force the web server to authenticate the user (this will work on both FAT and NTFS partitions) but you need NT 4.0 Server for this.

For page level security, you will need NTFS partition on the drive where the web site is located.  You will have to go into the web site directory structure itself and change file security to only allow certain groups/user.  If you take out / set No Access to the IUSR_machinename user, the page will force the web server to authenticate the user.

The explanation that I gave above will only work on NT Server and IIS.  For other server such as Apache, Netscape, etc.  different method of authentication must be used.

0
 

Author Comment

by:erot
ID: 1841579
My main question is: Is it possible to present an access-window
  similar to the window mentioned in my original Q.

  Please read my question again.
 
0
 
LVL 6

Expert Comment

by:PBall
ID: 1841580
OK, you want so when people type in... www.me.com, a login password will pop-up, even before rendering the first page.  correct?

1. If you take out unanonymous access for that particular web, the window will pop-up.

2. If using NTFS, you could do the same thing by taking / not giving any acess from IUSR_machine name for that entire web directory structure and its subdirectories.

3. The second answer will only work for IIS

4. For other servers, you need to figure out how they are doing their security and follow those steps.  Different server different method.


>....I just want a similar way of presenting and checking users for valid ID's...but whithout changing any contents in the current viewed pages

What exactly do you mean by that?  You either protect the page or not at all.  When a user arrived at the protected page, they'll be asked to authenticate themselves to the server.  You will not see any content of that protected page before you authenticate yourself.

>and also be able to use it before anyone can see my welcome pages as well.
See answer above?

What am I missing here?


0
What Kind of Coding Program is Right for You?

There are many ways to learn to code these days. From coding bootcamps like Flatiron School to online courses to totally free beginner resources. The best way to learn to code depends on many factors, but the most important one is you. See what course is best for you.

 

Accepted Solution

by:
thespis earned 280 total points
ID: 1841581
Okay, the previous comments are just way too intense... What if he is not using NT?  Ya know?  Here are a couple of  possibilities...  one for just a window in JavaScript and one for UNIX authentication.  Hopefully one of them will be useful to you.  If you need further info, I will be happy to help.


Method One - New Small Window Only

As for opening a new window, JavaScript will provide you with that.  Simple enough:

     <SCRIPT LANGUAGE="javascript">
     <!--
     window.open ('page.html', 'newwindow', config='height=100,
     width=400, toolbar=no, menubar=no, scrollbars=no,
     resizable=no, location=no, directories=no, status=no')
     -->
     </SCRIPT>  

Obviously, you can customize these settings, but page.html will contain the contents of this window.  You set the height width.  The No tool, No menu, No scroll, No resize, No Location, No Directories & No Status cause it to be just a plain window.  Note: If your page doesn't fit in a window with no scroll, the browser will not care.



METHOD TWO:   UNIX Authentication

This is for use if you have FTP access to a UNIX based server.
This is true username/password authentication used on all the big sites.

1.  Create a text file called ".htaccess"  (Yes, the period is part of the name).  This file should contain:

AuthUserFile /usr/local/etc/htpasswd
AuthGroupFile /dev/null
AuthName Enter Password to Reach My Page
AuthType Basic
<Limit GET PUT POST>
require user pumpkin
</Limit>

In this example, the valid login name is "pumpkin".
After creating this file, you upload it to the directory you wish to secure.  Contact a web administrator and ask where the htpasswd file is located (make sure your string above matches).  Add a line to it:

pumpkin:password   (replace password)
0
 

Author Comment

by:erot
ID: 1841582
have to go on vacation...untill 20. january.
Will come back laiter on with evaluation of the answers....
0
 
LVL 6

Expert Comment

by:PBall
ID: 1841583
> Okay, the previous comments are just way too intense...

How so? They are valid authentications solution on an NT server and IIS.  Beside, taking anonymous access can also work on some other different server such as Netscape (I did administer a Netscape Communication Server at one point)

>What if he is not using NT?  Ya know?

Go read my first post.. I believe I stated that different web server uses different authentication method, did I not?

If you miss it, here it is again:

"The explanation that I gave above will only work on NT Server and IIS.  For other server such as Apache, Netscape, etc.  different method of authentication must be used."

>Method One - New Small Window Only

Heh, you gotta admit this one is so weak.  opening a window by itself will not authenticate user, where is the script to do the authentication? how about the i don't want to show my first page content until the user get authenticated part?  how about i want to give the user x times chances until an access denied box is shown?

>METHOD TWO:   UNIX Authentication
I give you this one.

What if he is not using UNIX?  What if he is using xitami (or _insert other web server name here) web server?


Just reciprocating...
P-Ball X-) hehe



0
 
LVL 6

Expert Comment

by:PBall
ID: 1841584
I am sorry erot for using your question as a battleground, but he started it, i didn't hehe.
0
 

Author Comment

by:erot
ID: 1841585
At least back from vacation....Thanks for the answer...
You understood my question?  Great.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
Originally, this post was published on Monitis Blog, you can check it here . In business circles, we sometimes hear that today is the “age of the customer.” And so it is. Thanks to the enormous advances over the past few years in consumer techno…
HTML5 has deprecated a few of the older ways of showing media as well as offering up a new way to create games and animations. Audio, video, and canvas are just a few of the adjustments made between XHTML and HTML5. As we learned in our last micr…
Learn how to create flexible layouts using relative units in CSS.  New relative units added in CSS3 include vw(viewports width), vh(viewports height), vmin(minimum of viewports height and width), and vmax (maximum of viewports height and width).

589 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question