Beefy Boxes and Bandwidth Generously Provided by pair Networks
P is for Practical
 
PerlMonks  

Re: Limiting access to a local web application

by blahblahblah (Priest)
on Aug 03, 2008 at 23:42 UTC ( #701947=note: print w/ replies, xml ) Need Help??


in reply to Limiting access to a local web application

What OS, browser, and web server are you dealing with? (Or do you have to support more than one combo of those?)

There might be some server-specific or browser-specific solution. For example, I think that for IIS if you disable anonymous access and enable integrated authentication, then IE will just send the user's credentials along, without ever prompting for a username/password. I think there's also a mod_auth_something for apache that can be configured to work the same way, checking Active Directory for its data.

You might be able to find a simpler solution based on the fact that the server and client are the same machine. For example, if you are running all of this on a single-user desktop windows machine, your cgi app could (I think) find out the currently logged in user through WMI. You're probably better off going with a more standard method though. Writing a home-grown authentication method is just asking for trouble. Even if nobody cares to hack into your app, they might still exploit a bug or oversight in your scheme to gain access to other parts of the system. When your users whine about having to type in a simple id & password (just once if you use cookies), tell them it's for their own data security. They should get over it quickly.


Comment on Re: Limiting access to a local web application

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://701947]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others perusing the Monastery: (9)
As of 2015-07-29 02:38 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The top three priorities of my open tasks are (in descending order of likelihood to be worked on) ...









    Results (260 votes), past polls