Hi Carlos,
Since you have so many limitations on the server side, here are my
suggestions. These won't give you a great deal of security, but will help
limit access to the files and won't require the recipient to have a copy of
REBOL..
1. Create a page with the default file name ie index.htm or whatever, this
is to prevent directory browsing.
2. Place files in this directory.
3. Email the filename & paths to those who are allowed to access these files
4. Rename the files once a week or so to help control who has access.
Use REBOL to automate as much of the above as you like...
Cheers,
Allen K
----- Original Message -----
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, January 01, 1998 11:04 PM
Subject: [REBOL] Simple Password Checking Re:(2)
Thank you Ted for your comments but actually I have no such a web server
where I can manipulate permissions and so on. My website is hosted by some
guys I don't even know but don't allow CGI scriptting on their server.
I need to find ways that don't envolve server side solutions to handle
protection file stuff.
It seems that only with a Java Applet I could do that. Am I wrong?
-----Original Message-----
From: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date: Thursday, December 30, 1999 5:13 PM
Subject: [REBOL] Simple Password Checking Re:
Why don't you want them to enter their own username and password?
If that's not a critical requirement, and if you're using an Apache Web
server, you should be able to do this just by editing a permissions file in
whatever directories you want to protect. The browser would then prompt for
the username and password automatically, and there is nothing else to do.
Under Windows, I think if their desktoip login name/password matches a
Website user/password, they might not be prompted at all, but I would have
to check that.
Another approach would be to use a script that checked the password in
an internal file, and then passed them the URL to download from a secret
directory on your server. If you didn't want them to bother with a password
the second time, from the same location, you could save the user information
in a cookie.
In either case, they wouldn't need REBOL on their machines. It can all
be handled server side. Entering the username/password at least once seems
simpler than getting people to install REBOL to run one script.
If this is a critical requirement for same reason, another idea might be
to distribute a HTML page with their username and password embedded in a
"click me" hyperlink, which would then send this to a server-side script
(see approach /2).
-Ted.
*********** REPLY SEPARATOR ***********
On 12/30/1999 at 3:28 PM [EMAIL PROTECTED] wrote:
Hi Rebols,
I'm fighting against the idea of having to learn Perl or Java just
to get this small project:
I'm considering the possibility of having a script on my web site
that could grant permission to some users to download files according to the
rights they have.
The idea is to distribute REBOL.EXE to the people I want to access
my web site so they can login without having to enter USERNAME & PASSWORD.
All they have to do is to run this script that probably will have to
have their username & password values inside it and also what files each
user can download.
Since username and password match, the script will write on user's
machine their files.
Is it possible?
Does anyone here would like to make me a draft of this in REBOL?
Some code I could use as a start point, since I'm a beginner.
Thanks for any help
Happy New Year to you all from Brazil!!!!!!!!!!!!!!!!!
Carlos
