simple security/authentication
simple security/authentication
- Subject: simple security/authentication
- From: Graham J Lee <email@hidden>
- Date: Thu, 08 Sep 2005 14:38:16 +0100
</lurk>
Hi,
I'm a bit new at this webobjects lark, I've written toy apps in 4.0 and
5.x and now it's time to do something useful with my time :-) .
I'm writing a WOA which needs a user to authenticate in order to use the
application but then doesn't need to keep track of the user after that.
I can think of two different ways of achieving that:
[i] I found on stepwise a way to do it through HTTP basic authentication:
http://www.stepwise.com/Articles/Technical/BasicAuthentication.html
I could follow that[*], or could I in httpd.conf set a realm
corresponding to the base URL of the application (e.g.
/cgi-bin/WebObjects/Application) and wrap the whole thing in
htpasswd-protected access?
[*]although I'm not sure how to load a PB.project into Xcode 2.1...
[ii] before I discovered that, I had thought of doing the following in
Main.java:
public WOComponent doLogin()
{
// fetch credentials and compare against those supplied by user
if(successful) return nextPage;
else return null;
}
This does do what I want, but does that actually offer the security I
need, i.e. does it make it impossible to get to nextPage without a set
of valid credentials?
Thanks,
Graham.
--
Graham Lee
UNIX Systems Manager,
Oxford Physics Practical Course
Technical Bod, Oxford Mac Users' Group
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden