Re: Permissions Ignored - PLEASE HELP

This WebDNA talk-list message is from

2003


It keeps the original formatting.
numero = 47057
interpreted = N
texte = Are you storing CC numbers? If so, email a link to the person whom takes the CC info. This person can then access a template protected by [protect] and via SSL for an encrypted connection. This template then accesses a credit card database (that is not accessibl via http or ftp). The template can have a form submit that deletes the info after access.DonovanKimberly D. Walls wrote:>More specifically, do you recommend I use [protect] for everything? Credit >card numbers as well? > > > > > >-----Original Message----- >From: WebCatalog Talk [mailto:WebDNA-Talk@talk.smithmicro.com]On Behalf >Of John Peacock >Sent: Wednesday, January 22, 2003 9:18 AM >To: WebCatalog Talk >Subject: Re: Permissions Ignored - PLEASE HELP > > >Kimberly D. Walls wrote: > > >>For an Orders directory, on top of SSL 128bit, I have permissions set to >>deny access to anyone outside of the admin group as well as specified >> >> >users. > > >>Inside this directory, I have index.html and this is what happens at the >>browser level: >> >>https://www.maggielyon.com:447/retail/orders/ username and password >> >> >prompt > > >>& index.html is automatically served >>https://www.maggielyon.com:447/retail/orders/index.html no username and >>password prompt & index.html is automatically served >> >> > >This is a misunderstanding of the web server's security realms. I assume >you >required a username/password to access the directory from the IIS management >app; however you have .html mapped to WebCat. By directly requesting the >mapped >file, you are going around the IIS security. You should be using WebCat >security to protect your files, not IIS security. > >HTH > >John > >-- >John Peacock >Director of Information Research and Technology >Rowman & Littlefield Publishing Group >4720 Boston Way >Lanham, MD 20706 >301-459-3366 x.5010 >fax 301-429-5747 > > >------------------------------------------------------------- >This message is sent to you because you are subscribed to > the mailing list . >To unsubscribe, E-mail to: >To switch to the DIGEST mode, E-mail to > >Web Archive of this list is at: http://webdna.smithmicro.com/ > > > > >------------------------------------------------------------- >This message is sent to you because you are subscribed to > the mailing list . >To unsubscribe, E-mail to: >To switch to the DIGEST mode, E-mail to >Web Archive of this list is at: http://webdna.smithmicro.com/ > > >------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: Permissions Ignored - PLEASE HELP (Alain Russell 2003)
  2. Re: Permissions Ignored - PLEASE HELP (Stuart Tremain 2003)
  3. Re: Permissions Ignored - PLEASE HELP (Gary Krockover 2003)
  4. Re: Permissions Ignored - PLEASE HELP (Alain Russell 2003)
  5. Re: Permissions Ignored - PLEASE HELP (Andrew Simpson 2003)
  6. Re: Permissions Ignored - PLEASE HELP (Alex McCombie 2003)
  7. Re: Permissions Ignored - PLEASE HELP (Andrew Simpson 2003)
  8. Re: Permissions Ignored - PLEASE HELP (Kenneth Grome 2003)
  9. Re: Permissions Ignored - PLEASE HELP (Bob Minor 2003)
  10. Re: Permissions Ignored - PLEASE HELP (Kimberly D. Walls 2003)
  11. Re: Permissions Ignored - PLEASE HELP (John Peacock 2003)
  12. Re: Permissions Ignored - PLEASE HELP (Donovan 2003)
  13. Re: Permissions Ignored - PLEASE HELP (WJ Starck 2003)
  14. Re: Permissions Ignored - PLEASE HELP (Donovan 2003)
  15. Re: Permissions Ignored - PLEASE HELP (Donovan 2003)
  16. Re: Permissions Ignored - PLEASE HELP (Kimberly D. Walls 2003)
  17. Re: Permissions Ignored - PLEASE HELP (John Peacock 2003)
  18. Re: Permissions Ignored - PLEASE HELP (Kimberly D. Walls 2003)
  19. Re: Permissions Ignored - PLEASE HELP (John Peacock 2003)
  20. Permissions Ignored - PLEASE HELP (Kimberly D. Walls 2003)
Are you storing CC numbers? If so, email a link to the person whom takes the CC info. This person can then access a template protected by [protect] and via SSL for an encrypted connection. This template then accesses a credit card database (that is not accessibl via http or ftp). The template can have a form submit that deletes the info after access.DonovanKimberly D. Walls wrote:>More specifically, do you recommend I use [protect] for everything? Credit >card numbers as well? > > > > > >-----Original Message----- >From: WebCatalog Talk [mailto:WebDNA-Talk@talk.smithmicro.com]On Behalf >Of John Peacock >Sent: Wednesday, January 22, 2003 9:18 AM >To: WebCatalog Talk >Subject: Re: Permissions Ignored - PLEASE HELP > > >Kimberly D. Walls wrote: > > >>For an Orders directory, on top of SSL 128bit, I have permissions set to >>deny access to anyone outside of the admin group as well as specified >> >> >users. > > >>Inside this directory, I have index.html and this is what happens at the >>browser level: >> >>https://www.maggielyon.com:447/retail/orders/ username and password >> >> >prompt > > >>& index.html is automatically served >>https://www.maggielyon.com:447/retail/orders/index.html no username and >>password prompt & index.html is automatically served >> >> > >This is a misunderstanding of the web server's security realms. I assume >you >required a username/password to access the directory from the IIS management >app; however you have .html mapped to WebCat. By directly requesting the >mapped >file, you are going around the IIS security. You should be using WebCat >security to protect your files, not IIS security. > >HTH > >John > >-- >John Peacock >Director of Information Research and Technology >Rowman & Littlefield Publishing Group >4720 Boston Way >Lanham, MD 20706 >301-459-3366 x.5010 >fax 301-429-5747 > > >------------------------------------------------------------- >This message is sent to you because you are subscribed to > the mailing list . >To unsubscribe, E-mail to: >To switch to the DIGEST mode, E-mail to > >Web Archive of this list is at: http://webdna.smithmicro.com/ > > > > >------------------------------------------------------------- >This message is sent to you because you are subscribed to > the mailing list . >To unsubscribe, E-mail to: >To switch to the DIGEST mode, E-mail to >Web Archive of this list is at: http://webdna.smithmicro.com/ > > >------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Donovan

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Error -108 (1997) verify online (1997) Multiple prices (1997) search / summary (2005) [WebDNA] maybe silly suggestion? [founditems] (2015) WebDNA still will not start on restart (2002) Multiple Merchant Accounts? (1997) range searching (1998) WebCatalog on Linux (2000) [WebDNA] User Management System [Cookie] (2008) Updating Prices in Online Database (1999) [format xs] freeze (1997) [WebDNA] Encode cookies ONLY via "method=Base64" (2012) wierd [cart] action! (1997) pc (1997) RE: extended ASCII with middle command (1999) [protect] on NT? (1997) test (2008) Bug Report, maybe (1997) purchase.log file (1997)