[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]

Re: Implementing security in CGI



"Differentiated Software Solutions Pvt. Ltd." proclaimed:
> To enter the site we have a login and password.
> After which some reports are displayed.
> 
> I know that using cookies it is possible to secure the site.

Cookies are used to store persistent information about the user on the
client side.  The web as it was originally designed, is stateless.  Meaning
when you get a page from a server, the server does not know anything about
whether you had gotten other pages from the same server before.  Cookies
add a bit of state to this process.

The easiest and best thing to do is set up server-level authentication. 
Configure your server to only allow people with a username and password
into parts of the site.  This does not require any programming.

Adding authentication programatically is more painful but is the most
flexible way to go.

This topic is too broad.  I seriously recommend that you hire someone to
help you with this.

Thaths
-- 
Lisa:  "Dad. You killed the zombie Flanders."
Homer: "He was a Zombie?"
Sudhakar C13n http://people.netscape.com/thaths/ Lead Indentured Slave