[ale] Web Login

[Michael Golden]

On Tue, 2002-02-12 at 11:02, Calvin Harrigan wrote:
> Greetings,
>  I have a question, what would be the best way to implement a secure login to a website.  I've seen many solutions/means/ways of doing so on the net but none seem standard or straight forward.  I would like to create a web page with a login field and password field with a submit button that calls a script to verify the password and grant access to the web site.
> I would like a secure/simple method of doing so, any suggestions?  Backend languages I can use are php, perl, shell script,c/c++.

What are you trying to protect? If you just need to protect a directory
full of stuff, a ".htaccess" file is probably all you need. To create
that you would do:
htpasswd [-c] your_password_file your_username
using the -c if you are making new password file or leaving it off if
you are adding users to it.
Then, in the .htaccess file you'd put this:

AuthUserFile full_path_to_your_password_file
AuthGroupFile /dev/null (change this if you want group authentication)
AuthName "Some name for archive"
AuthType Basic
require user user_to_allow

There is documentation on the web that explains this a bit more but this
is the basics.

If you need to password protect a dynamically generated document with
PHP then there are mechanisms in PHP for authenticating, but alas, I'm
not familiar with them.

-- 
Michael Golden <naugrimk at yahoo.com>
GnuPG Public Key: 1F8BDBDE

 This is a digitally signed message part