Date: Sat, 04 May 2002 10:45:18 -0500 From: Jorge Biquez <jbiquez@icsmx.com> To: freebsd-isp@FreeBSD.ORG Subject: OFF-Topic.Restricting access to pages. Message-ID: <5.1.0.14.2.20020504103436.025a9450@icsmx.com>
next in thread | raw e-mail | index | archive | help
Hello all. I'm sorry this is off topic. A friend from the speaking Spanish list asked me to post this here to know your comments and advice. She is on a project where she needs to restrict access to certain part of a site according to certain user category. Now there are not too many users but in the future could be more and could be lot of movement on the users, changing the permissions to what they can or can not see and access on the site. She thought on solve the problem with the htacess access feature from Apache. But with this solution she does not know how to control easily the maintenance of users that access the site. The other solution we were talking (I'm trying to help her) is to develop some validation with PHP and a database, construct all pages on the fly according to permissions. We know this could be a more extensive solution and that will require more time and resources. We know that both solutions could work but we are worried (since we have never done it before) on the security. I man, if users consult the pages, let's say on a public library , the complete path of the pages will be in the history of the browser user. Teorically a user could see the history and enter the site without being asked again for the user and password. Is that right? Any ideas on other options to look? Thanks in advance. JB To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.0.14.2.20020504103436.025a9450>