Beefy Boxes and Bandwidth Generously Provided by pair Networks
XP is just a number

Re: Limiting access to a local web application

by blahblahblah (Priest)
on Aug 03, 2008 at 23:42 UTC ( #701947=note: print w/replies, xml ) Need Help??

in reply to Limiting access to a local web application

What OS, browser, and web server are you dealing with? (Or do you have to support more than one combo of those?)

There might be some server-specific or browser-specific solution. For example, I think that for IIS if you disable anonymous access and enable integrated authentication, then IE will just send the user's credentials along, without ever prompting for a username/password. I think there's also a mod_auth_something for apache that can be configured to work the same way, checking Active Directory for its data.

You might be able to find a simpler solution based on the fact that the server and client are the same machine. For example, if you are running all of this on a single-user desktop windows machine, your cgi app could (I think) find out the currently logged in user through WMI. You're probably better off going with a more standard method though. Writing a home-grown authentication method is just asking for trouble. Even if nobody cares to hack into your app, they might still exploit a bug or oversight in your scheme to gain access to other parts of the system. When your users whine about having to type in a simple id & password (just once if you use cookies), tell them it's for their own data security. They should get over it quickly.

  • Comment on Re: Limiting access to a local web application

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://701947]
[stevieb]: I really dislike how perlbrew doesn't list your version of perl if a newer minor version bump has happened. eg: I use 5.24.1, but 5.24.2 is available, hiding my 5.24.1. I may look at this, as I made it display correctly in berrybrew in cases like this
[stevieb]: choroba just gleaned your post about Module::Starter. I use it too, pretty much for every dist I write
[LanX]: I remeber M::S (it was dialog driven?) to be buggy
[stevieb]: As far as Dist::Zilla goes, I don't like installing that other than on systems my test platorm runs on. I find it too heavy. I prefer being able to glean a Makefile.PL
[LanX]: what's frustrating me is that a distribution has lots of dupplicated info

How do I use this? | Other CB clients
Other Users?
Others romping around the Monastery: (7)
As of 2017-08-18 20:50 GMT
Find Nodes?
    Voting Booth?
    Who is your favorite scientist and why?

    Results (310 votes). Check out past polls.