[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Java w/Cookies

On Fri, 23 Feb 1996 mike_grapevine@4G-GATEWAY.NSWSES.NAVY.MIL wrote:
> I know there has to be a better, more secure way than this to           
> propage user authentication information in a CGI application. Has anyone
> developed a better technique than this ? 

Yes, use standard Web-server provided authentication. On NCSA-derived 
servers, put your cgi-bin scripts in a subdirectory off the main
cgi-bin directory, and put an .htaccess file in that subdirectory. You 
can then reference your scripts like this:

<A HREF="/cgi-bin/protected/myscript">Enter the protected area</A>

You can then use the REMOTE_USER environment variable from within your
script to do further discrimination on what the user is allowed and not
allowed to do. 


This message came from the mailing list javascript. For help using the
mailing list software, please send a message to 'majordomo@obscure.org'
with the message body 'help'. To unsubscribe, send a message to
'majordomo@obscure.org' with the message body 'unsubscribe javascript'.