[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]

Implementing security in CGI


Thanks for the reply.

I wanted to know how sites like say yahoo would implement security, knowing
that web is stateless.
I was not really looking for detailed programming help, but some pointers on
how generally people go about implementing security.
I'm aware of .htaccess in apache. The application that we are looking at has
a logon screen in the home page after which subsequent pages have to be

Thanks for the help. I would like to seek further guidance.


>-----Original Message-----
>From: Sudhakar Chandrasekharan <thaths@xxxxxxxxxxxx>
>To: linux-india-programmers@xxxxxxxxxxxxxxxxxxxxx
>Date: 15 April 2000 10:13
>Subject: Re: [LIP] Implementing security in CGI
>>"Differentiated Software Solutions Pvt. Ltd." proclaimed:
>>> To enter the site we have a login and password.
>>> After which some reports are displayed.
>>> I know that using cookies it is possible to secure the site.
>>Cookies are used to store persistent information about the user on the
>>client side.  The web as it was originally designed, is stateless.
>>when you get a page from a server, the server does not know anything about
>>whether you had gotten other pages from the same server before.  Cookies
>>add a bit of state to this process.
>>The easiest and best thing to do is set up server-level authentication.
>>Configure your server to only allow people with a username and password
>>into parts of the site.  This does not require any programming.
>>Adding authentication programatically is more painful but is the most
>>flexible way to go.
>>This topic is too broad.  I seriously recommend that you hire someone to
>>help you with this.
>>Lisa:  "Dad. You killed the zombie Flanders."
>>Homer: "He was a Zombie?"
>>Sudhakar C13n http://people.netscape.com/thaths/ Lead Indentured Slave
>>The LIP mailing list archives are available at: