Re: logins to secure web pages

• To: www-security@ns2.rutgers.edu, kwhittle@nebula.tbe.com
• Subject: Re: logins to secure web pages
• From: Holger.Reif@PrakInf.TU-Ilmenau.DE (Holger Reif)
• Date: Thu, 11 Apr 96 08:47:48 +0200

kwhittle@nebula.tbe.com wrote:
> 
> Here's a question for you...
> 
> How can I set up multiple http servers to accept the same username and password 
> information without having to enter it multiple times?

You can't do it with the existing basic authentication scheme since a name/passwd
pair is corelated to a domain (ie. a directory of a server and the subdirs)
 
> What I would like to do is have the web browser pass the second server the same 
> username and password it did the first server and have the second server accept 
> it.  
 
I'm sure you even don't want to do it this kind becasue that way you distribute
your passwds maybe widely :-)

>
> I would like to make it so that the user enters their username and password 
> once when they enter the "system" and browse freely from then on.
> I guess you could liken my goal to logging on to a domain with LAN Server or LAN 
> Manager and then having whatever resources are assigned to you available until 
> you log off. How do I do it?

A solution could be client authentication with certificates according netscapes
SSL protocol. See
http://www.netscape.com/std/newsref/

But client auth is rarely used today.
 
> Kerry
> 


read you later  -  Holger Reif
----------------------------------------  Signaturprojekt Deutsche Einheit
TU Ilmenau - Informatik - Telematik                      (Verdamp lang her)
Holger.Reif@PrakInf.TU-Ilmenau.DE         Alt wie ein Baum werden, um ueber
http://Remus.PrakInf.TU-Ilmenau.DE/Reif/  alle 7 Bruecken gehen zu koennen

• Previous: access control
• Next: Re: access control
• Index(es):
  • Index
  • Thread