-----Original Message-----
From: web400-bounces@xxxxxxxxxxxx [mailto:web400-bounces@xxxxxxxxxxxx]On
Behalf Of David Gibbs
Sent: Monday, August 11, 2008 12:05 PM
To: Web Enabling the AS400 / iSeries
Subject: Re: [WEB400] User profile in secure pages (https)


Bradley V. Stone wrote:
For example, if you've set it up to protect /cgi-bin, that
means that for
anything outside of that path the REMOTE_USER environment
variable will not
be available.

Even if they are already authenticated?

I guess this makes sense ... if, after the user is authenticated,
the users identity is still required, some kind of authentication
token should probably be stored in a cookie or session identifier.

david

Yep, I think the Classic server had it available anywhere after
authentication, but that was really a "bug". It's been so long, it's hard
to remember.

I also like to use location containers instead of directory containters for
authentication protection. Makes it a little more readable, at least to me.

Brad
www.bvstools.com


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.