Re: Password Protection

• To: srw134@psu.edu (Sean Wilkins)
• Subject: Re: Password Protection
• From: mcglynn@sentius.com (matthew mcglynn)
• Date: Fri, 9 Feb 1996 09:43:17 -0800
• Cc: www-security@ns2.rutgers.edu

+-Well my first problem is that it is on a Apple server so it has to be in
+-applescript or a script language or something like c. I can do the checking

I have a Perl script that runs under MacPerl 4.1.8 on our
web server, which also runs WebSTAR and WebSTAR SSL. It mimics a WebSTAR
security realm, which is to say if somebody tries to access this script,
their browser receives a 401 Unauthorized -- and most browsers react to this
by putting up an id/password request dialog, and re-submitting the request
with the id/pwd encoded (base64? not _encrypted_ in any case, unless of
course you're using SSL) as arguments to the GET.

It sounds like this script might be a piece of the puzzle you're trying to
put together. If you're interested let me know and I'll send you a copy.

Note that you'll need MacPerl 4.1.8 (not 5.X), and the 11/23/95 PCGI glue
(which I can send you if you can't find it at ftp.perl.com or any CPAN mirror).

Also note that MacPerl is not an ideal CGI solution, as it is not threaded
and, at least as of 4.1.8, not native. A better choice for scripting is
Frontier/Aretha; other ideas are 4D and C.

--
matt.
mcglynn@sentius.com

• Previous: Re:URGENT!! Multiple WWW names on the same machine.
• Next: Upcoming IETF Meeting
• Index(es):
  • Index
  • Thread