Re: Permissions Ignored - PLEASE HELP
This WebDNA talk-list message is from 2003
It keeps the original formatting.
numero = 47057
interpreted = N
texte = Are you storing CC numbers? If so, email a link to the person whom takes theCC info. This person can then access a template protected by [protect] and viaSSL for an encrypted connection. This template then accesses a credit card database(that is not accessibl via http or ftp). The template can have a form submit thatdeletes the info after access.DonovanKimberly D. Walls wrote:>More specifically, do you recommend I use [protect] for everything? Credit>card numbers as well?>>>>>>-----Original Message----->From: WebCatalog Talk [mailto:WebDNA-Talk@talk.smithmicro.com]On Behalf>Of John Peacock>Sent: Wednesday, January 22, 2003 9:18 AM>To: WebCatalog Talk>Subject: Re: Permissions Ignored - PLEASE HELP>>>Kimberly D. Walls wrote:> >>>For an Orders directory, on top of SSL 128bit, I have permissions set to>>deny access to anyone outside of the admin group as well as specified>> >>>users.> >>>Inside this directory, I have index.html and this is what happens at the>>browser level:>>>>https://www.maggielyon.com:447/retail/orders/ username and password>> >>>prompt> >>>& index.html is automatically served>>https://www.maggielyon.com:447/retail/orders/index.html no username and>>password prompt & index.html is automatically served>> >>>>This is a misunderstanding of the web server's security realms. I assume>you>required a username/password to access the directory from the IIS management>app; however you have .html mapped to WebCat. By directly requesting the>mapped>file, you are going around the IIS security. You should be using WebCat>security to protect your files, not IIS security.>>HTH>>John>>-->John Peacock>Director of Information Research and Technology>Rowman & Littlefield Publishing Group>4720 Boston Way>Lanham, MD 20706>301-459-3366 x.5010>fax 301-429-5747>>>------------------------------------------------------------->This message is sent to you because you are subscribed to> the mailing list
.>To unsubscribe, E-mail to: >To switch to the DIGEST mode, E-mail to>>Web Archive of this list is at: http://webdna.smithmicro.com/>>>>>------------------------------------------------------------->This message is sent to you because you are subscribed to> the mailing list .>To unsubscribe, E-mail to: >To switch to the DIGEST mode, E-mail to >Web Archive of this list is at: http://webdna.smithmicro.com/>> >-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Associated Messages, from the most recent to the oldest:
Are you storing CC numbers? If so, email a link to the person whom takes theCC info. This person can then access a template protected by [protect] and viaSSL for an encrypted connection. This template then accesses a credit card database(that is not accessibl via http or ftp). The template can have a form submit thatdeletes the info after access.DonovanKimberly D. Walls wrote:>More specifically, do you recommend I use [protect] for everything? Credit>card numbers as well?>>>>>>-----Original Message----->From: WebCatalog Talk [mailto:WebDNA-Talk@talk.smithmicro.com]On Behalf>Of John Peacock>Sent: Wednesday, January 22, 2003 9:18 AM>To: WebCatalog Talk>Subject: Re: Permissions Ignored - PLEASE HELP>>>Kimberly D. Walls wrote:> >>>For an Orders directory, on top of SSL 128bit, I have permissions set to>>deny access to anyone outside of the admin group as well as specified>> >>>users.> >>>Inside this directory, I have index.html and this is what happens at the>>browser level:>>>>https://www.maggielyon.com:447/retail/orders/ username and password>> >>>prompt> >>>& index.html is automatically served>>https://www.maggielyon.com:447/retail/orders/index.html no username and>>password prompt & index.html is automatically served>> >>>>This is a misunderstanding of the web server's security realms. I assume>you>required a username/password to access the directory from the IIS management>app; however you have .html mapped to WebCat. By directly requesting the>mapped>file, you are going around the IIS security. You should be using WebCat>security to protect your files, not IIS security.>>HTH>>John>>-->John Peacock>Director of Information Research and Technology>Rowman & Littlefield Publishing Group>4720 Boston Way>Lanham, MD 20706>301-459-3366 x.5010>fax 301-429-5747>>>------------------------------------------------------------->This message is sent to you because you are subscribed to> the mailing list .>To unsubscribe, E-mail to: >To switch to the DIGEST mode, E-mail to>>Web Archive of this list is at: http://webdna.smithmicro.com/>>>>>------------------------------------------------------------->This message is sent to you because you are subscribed to> the mailing list .>To unsubscribe, E-mail to: >To switch to the DIGEST mode, E-mail to >Web Archive of this list is at: http://webdna.smithmicro.com/>> >-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Donovan
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
Error -108 (1997)
verify online (1997)
Multiple prices (1997)
search / summary (2005)
[WebDNA] maybe silly suggestion? [founditems] (2015)
WebDNA still will not start on restart (2002)
Multiple Merchant Accounts? (1997)
range searching (1998)
WebCatalog on Linux (2000)
[WebDNA] User Management System [Cookie] (2008)
Updating Prices in Online Database (1999)
[format xs] freeze (1997)
[WebDNA] Encode cookies ONLY via "method=Base64" (2012)
wierd [cart] action! (1997)
pc (1997)
RE: extended ASCII with middle command (1999)
[protect] on NT? (1997)
test (2008)
Bug Report, maybe (1997)
purchase.log file (1997)