[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Java w/Cookies

To: javascript@obscure.org
Subject: Re: Java w/Cookies
From: Richard Bullington <rbulling@obscure.org>
Date: Fri, 23 Feb 1996 21:22:06 -0500 (EST)
In-reply-to: <9601238251.AA825101010@4G-GATEWAY.NSWSES.NAVY.MIL>
Reply-to: javascript@obscure.org
Sender: owner-javascript@obscure.org

On Fri, 23 Feb 1996 mike_grapevine@4G-GATEWAY.NSWSES.NAVY.MIL wrote:
> 
> I know there has to be a better, more secure way than this to           
> propage user authentication information in a CGI application. Has anyone
> developed a better technique than this ? 

Yes, use standard Web-server provided authentication. On NCSA-derived 
servers, put your cgi-bin scripts in a subdirectory off the main
cgi-bin directory, and put an .htaccess file in that subdirectory. You 
can then reference your scripts like this:

<A HREF="/cgi-bin/protected/myscript">Enter the protected area</A>

You can then use the REMOTE_USER environment variable from within your
script to do further discrimination on what the user is allowed and not
allowed to do. 

-Richard

--------------------------------------------------------------------
This message came from the mailing list javascript. For help using the
mailing list software, please send a message to 'majordomo@obscure.org'
with the message body 'help'. To unsubscribe, send a message to
'majordomo@obscure.org' with the message body 'unsubscribe javascript'.

References:
- Re: Java w/Cookies
  - From: mike_grapevine@4G-GATEWAY.NSWSES.NAVY.MIL

Prev by Date: Re: Returned mail
Next by Date: onMouseOver and images and other questions.
Previous by thread: Re: Java w/Cookies
Next by thread: Re: Java w/Cookies
Index(es):
- Date
- Thread