Solved

Security

Posted on 1999-01-12
6
145 Views
Last Modified: 2010-04-09
Hi,

I created a webpage(Say Page A) asking the userId and Password,after the user entering the ID,password i am sending to the CGI program in a server,there i am checking .If the UserID and Password  is correct i am allowing to access another page(Say page B)

Suppose if the users knows the page B 's URL ,he can directly type the URL of Page B and he will enter in to the page B.Then what is the security ?then why we need the first page(Page A)UserID and Password.How i will protect the user directly entering in to the particular page instead of entering in to the UserId and Password page.please Help Me.
0
Comment
Question by:senthil_krn
6 Comments
 
LVL 5

Expert Comment

by:Christian_Wenz
ID: 1841613
you can try setting a cookie if the user enters the correct username/password combination, and make page B require this cookie.
However, why don't you just password-protect page B using htaccess?
0
 
LVL 11

Accepted Solution

by:
mouatts earned 20 total points
ID: 1841614
An alternative way is to check the environment variable HTTP_REFERER when a request for page B is made if this is anything other than page a then it indicates that access was not via the proper route.

Tied in with this is that the CGI can output the page which if you want stored as a normal html page can be stored in a location that the CGI can get to but the webserver can't.

There are a few other methods but when you start taking control of the security of a site, rather than leaving it to htaccess et al, you will soon find that you will need to generate all pages.

HTH
Steve
0
 
LVL 84

Expert Comment

by:ozo
ID: 1841615
@
0
ScreenConnect 6.0 Free Trial

Want empowering updates? You're in the right place! Discover new features in ScreenConnect 6.0, based on partner feedback, to keep you business operating smoothly and optimally (the way it should be). Explore all of the extras and enhancements for yourself!

 

Author Comment

by:senthil_krn
ID: 1841616
Sorry i am new to this Concept can u give a code.
0
 
LVL 5

Expert Comment

by:Christian_Wenz
ID: 1841617
what kind of web server are you currently using? do you have cgi access?
0
 

Author Comment

by:senthil_krn
ID: 1841618
I am Using a NetscapeServer (Webserver version 3.6) and i am having cgi access.
0

Featured Post

3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
ASP:Radiobuttonlist/asp:RadioButtonListItem custom styling 1 42
CSS Logo Problem. 2 21
Problem with spacing columns on a row in a table 10 25
Html5 Index on a table 7 26
This article discusses how to create an extensible mechanism for linked drop downs.
Find out what you should include to make the best professional email signature for your organization.
In this tutorial viewers will learn how add a scalable full-width header using CSS3. Create a new HTML document with an internal stylesheet. Set a tiled background.:  Create a new div and name it Header. Position it with position:absolute at the top…
In this tutorial viewers will learn how to embed an audio file in a webpage using HTML5. Ensure your DOCTYPE declaration is set to HTML5: : The declaration should display (CODE) HTML5 is supported by the most recent versions of all major browsers…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question