Date: Sat, 4 May 2002 11:43:27 -0500 From: "Edward Shabotinsky" <lanshark@bsinet.net> To: <freebsd-isp@FreeBSD.ORG>, "Jorge Biquez" <jbiquez@icsmx.com> Subject: Re: OFF-Topic.Restricting access to pages. Message-ID: <015001c1f38a$d11671b0$0201a8c0@britesiteinet.net> References: <5.1.0.14.2.20020504103436.025a9450@icsmx.com>
next in thread | previous in thread | raw e-mail | index | archive | help
See if this may help you out http://www.freevsd.org/ Edward Shabotinsky Systems Engineer BritesiteINet Inc. --------------------------------- www.britesite.net lanshark@bsinet.net ---------------------------------- ----- Original Message ----- From: "Jorge Biquez" <jbiquez@icsmx.com> To: <freebsd-isp@FreeBSD.ORG> Sent: Saturday, May 04, 2002 10:45 AM Subject: OFF-Topic.Restricting access to pages. > Hello all. > I'm sorry this is off topic. > A friend from the speaking Spanish list asked me to post this here to know > your comments and advice. > She is on a project where she needs to restrict access to certain part of a > site according to certain user category. Now there are not too many users > but in the future could be more and could be lot of movement on the users, > changing the permissions to what they can or can not see and access on the > site. She thought on solve the problem with the htacess access feature from > Apache. But with this solution she does not know how to control easily the > maintenance of users that access the site. > The other solution we were talking (I'm trying to help her) is to develop > some validation with PHP and a database, construct all pages on the fly > according to permissions. We know this could be a more extensive solution > and that will require more time and resources. > We know that both solutions could work but we are worried (since we have > never done it before) on the security. I man, if users consult the pages, > let's say on a public library , the complete path of the pages will be in > the history of the browser user. Teorically a user could see the history > and enter the site without being asked again for the user and password. Is > that right? Any ideas on other options to look? > > Thanks in advance. > > JB > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?015001c1f38a$d11671b0$0201a8c0>