Welcome Guest ( Log In | Register )



 
 Reply to this topicStart new topic
> Password Protection
Mitch666Holland
post Aug 21 2008, 03:41 AM
Post #1


Newbie [ Level 1 ]
Group Icon

Group: Members
Posts: 6
Joined: 9-August 08
From: Texas
Member No.: 31,942
is there any way to make a user name and password protection using only html and java that saves the user/pass in the code and isnt needed to install anything into a sever or anything like that
Go to the top of the page
 
+Quote Post
vujsa
post Aug 21 2008, 04:44 AM
Post #2


Absolute Newbie
Group Icon

Group: Admin
Posts: 888
Joined: 20-February 05
From: Indianapolis, Indiana, USA (Midwest)
Member No.: 2,714
myCENTs:35.43
QUOTE(Mitch666Holland @ Aug 20 2008, 11:41 PM) *
is there any way to make a user name and password protection using only html and java that saves the user/pass in the code and isnt needed to install anything into a sever or anything like that

In short, no. Storing the authentication information in the code will not work since anyone can view client side code. Furthermore, you would need to change the code every time a new user was added which is normally done automatically server side. Client side scripts cannot change a file on a server without a server side script to interface with.

vujsa
Go to the top of the page
 
+Quote Post
tansqrx
post Aug 25 2008, 10:21 PM
Post #3


Super Member
Group Icon

Group: [HOSTED]
Posts: 555
Joined: 25-April 05
Member No.: 4,374
myCENTs:68.76
Agreed. By having the password in the HTML, anyone who looks at the HTML will know the password. Even if you encrypt the password the encryption key will have to be stored in the HTML and it is only a matter of time before the password is found. The best you could hope for here is security through obscurity.
Go to the top of the page
 
+Quote Post
magiccode9
post Aug 26 2008, 04:24 AM
Post #4


Advanced Member
Group Icon

Group: [HOSTED]
Posts: 115
Joined: 7-November 05
Member No.: 9,489
This might secure on some old days.
As computer growth faster.
It is risking !

So, I don't suggest that too.
Go to the top of the page
 
+Quote Post
wutske
post Aug 26 2008, 10:22 AM
Post #5


Way Out Of Control - You need a life :)
Group Icon

Group: [HOSTED]
Posts: 1,077
Joined: 2-August 05
From: Kapellen (Antwerp, Belgium)
Member No.: 7,585
You could do this in Java (afaik java applets are compiled so there's no source code visible).This might secure on some old days.
As computer growth faster.
It is risking !

So, I don't suggest that too. However, I do not suggest you to store the password, but a hash of the password (something you always have to do). If a user wants to sign in, the password he entered should be hashed too and then compared to the hash that you saved in the source code. The should keep most malicious users away, but people with some computer knowledge can break it anyway.
Go to the top of the page
 
+Quote Post
yordan
post Aug 26 2008, 10:28 AM
Post #6


Way Out Of Control - You need a life :)
Group Icon

Group: [MODERATOR]
Posts: 2,186
Joined: 16-August 05
Member No.: 7,896
myCENTs:61.17
You could imagine using the AuthUserFile authentication instruction in in the .htaccess file.
These instructions tell the Apache server to use the user passwords you have define using the password generated by the htpasswd command.
See for instance here http://bignosebird.com/apache/a10.shtml
Go to the top of the page
 
+Quote Post
« Next Oldest · Web Design and HTML · Next Newest »
 

Reply to this topicStart new topic

Collapse

> Similar Topics

Topics Topics
  1. password protection thing(2)


 

Display Mode: Standard · Switch to: Linear+ · Switch to: Outline

Track this topic · Email this topic · Print this topic · Subscribe to this forum

- Lo-Fi Version Time is now: 22nd November 2008 - 02:48 PM
Powered By IP.Board 2.2.1 © 2008  IPS, Inc.
Licensed to: Xisto Corporation