><snip> I have to pass them to another HTML page that has an ActiveX
>object in it to start a JWalk (Seagull's screen scraper product)
>session.  What I'm trying to avoid is having the users type in the
>URL to the JWalk page directly and thereby bypassing our initial
>web-based security.

If they happen to use MS IE, Ctrl+D is enough to add the current page
to the favorites. And then good bye verification. If they happen to
have ICQ running, a hit on "Send URL" is enough to send it to the
world. A right click on the page and "properties" and doubleclicking
the URL, Copy, Paste, ready again. I'm sure there are more methods to
retrieve the page address. Ask your users in half a year... :-)

> There's probably a better way to do all of this,

Definitely.

What's so wrong with securing the HTML page with the ActiveX by good
old basic authentication in the HTTP server? It's not perfect, but
most likely better and easier and definitely safer than your current
approach.

PS: it's very interesting to see that when users aren't working, they
are selling/buying at ebay... ;-)))

-- 
Mit freundlichen Grüssen / best regards

Anton Gombkötö
Organisation und Projektleitung

Avenum Technologie GmbH
Wien - Salzburg - Stuttgart
http://www.avenum.com




As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.