Author |
Topic  |
|
redbrad0
Advanced Member
    
USA
3725 Posts |
|
seven
Senior Member
   
USA
1037 Posts |
Posted - 25 July 2004 : 21:00:17
|
Would this not be similar to the NT features of Snitz? |
|
 |
|
pdrg
Support Moderator
    
United Kingdom
2897 Posts |
Posted - 26 July 2004 : 07:56:33
|
Will multiple users be sharing a u:p? What are they logging into? I'm guessing a snitz forum, so how would you differentiate between the users for postings/moderation etc if they didn't log in? Couldn't they just be guests?
This sounds like one of those questions that rings alarm bells in my head - usually if we go back to basics and find out exactly what you're trying to do and why, we can work out a different (and often better/easier) solution!
hth |
 |
|
redbrad0
Advanced Member
    
USA
3725 Posts |
Posted - 28 July 2004 : 19:24:19
|
Sorry for taking so long to respond, but I have just been swamped. Basically I am working on a control panel that would just be for me and only has the things I want, so I don't want to have to buy one. When the user logs into the control panel with their username/password (not NT), then to be able to call functions to create websites, users and other things it needs admin rights on the server. Hopefully that gives an idea. What I decided to do is just change in IIS the anon user to be an admin account just for the one directory. |
Brad Oklahoma City Online Entertainment Guide Oklahoma Event Tickets |
 |
|
pdrg
Support Moderator
    
United Kingdom
2897 Posts |
Posted - 29 July 2004 : 06:22:10
|
OK, sounds like you've got a workaround, but does this mean you're implementing security by obscurity? If I find your directory, does that mean I'm admin? If so, please reconsider!
Another option would be to limit pages to a specific IP or IP range if you will just be using the one PC to work on. Not actually totally secure, but way better than giving iusr admin privs on a dir!
hth |
 |
|
redbrad0
Advanced Member
    
USA
3725 Posts |
Posted - 29 July 2004 : 10:18:58
|
Well, all users will have full access to that directory once they log into the control panel. This is not live yet so I am in no harm as of yet. From what I can tell this seems the way that 99% of the control panels work, just most people do not know this. If my login script stops the access to any of the pages except the login pages. |
Brad Oklahoma City Online Entertainment Guide Oklahoma Event Tickets |
 |
|
pdrg
Support Moderator
    
United Kingdom
2897 Posts |
Posted - 02 August 2004 : 05:45:27
|
Mate, I think security by obscurity is a baaaaad way to go - at least add a header into the page script checking the IP of the request, make it a little harder than just spidering your site to get control privs! |
 |
|
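The per-page check suggested in the last reply, combined with the login check mentioned earlier in the thread, as an added example that is not code from any poster. It assumes the control panel is classic ASP (VBScript) like Snitz; the file name `guard.asp`, the `Session("cp_user")` key and the allowlisted addresses are hypothetical and constructed for illustration.

```vbscript
<%
' guard.asp (hypothetical name) - include as the first line of every
' control panel page:  <!--#include file="guard.asp"-->

' Constructed sample allowlist (documentation addresses, not real hosts).
Const ALLOWED_IPS = "192.0.2.10,192.0.2.11"

' Exact-match lookup of the caller's address in the allowlist.
Function IsAllowedIp(ByVal addr)
    Dim ip
    IsAllowedIp = False
    For Each ip In Split(ALLOWED_IPS, ",")
        If Trim(ip) = addr Then
            IsAllowedIp = True
            Exit Function
        End If
    Next
End Function

' Record the reason in the IIS log entry, return a bare 403 and stop
' before any privileged code on the page can run.
Sub DenyAndStop(ByVal reason)
    Response.AppendToLog " cp-guard-deny:" & reason
    Response.Status = "403 Forbidden"
    Response.Write "Forbidden"
    Response.End
End Sub

' Keep control panel pages out of browser and proxy caches.
Response.Expires = -1
Response.AddHeader "Cache-Control", "no-store"

' REMOTE_ADDR is the TCP peer address seen by IIS. Client-supplied
' headers such as X-Forwarded-For are not used because the caller sets them.
If Not IsAllowedIp(Request.ServerVariables("REMOTE_ADDR")) Then
    DenyAndStop "ip"
End If

' Session("cp_user") is assumed to be set only by the login page after
' a successful username/password check.
If Len(Session("cp_user") & "") = 0 Then
    DenyAndStop "nosession"
End If
%>
```

The guard only protects `.asp` pages that actually include it; any page in the directory that omits the include still runs under the anonymous account's admin rights, so a missed include is a direct path to those privileges.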