CGI question: safe passwords possible?
Dave Harrison
dave at nullcube.com
Sat May 31 03:50:02 EDT 2003
.htaccess is an apache convention that specifies what users are allowed to
access that dir (and any dir inside there of).
You create the username : password combos using a program that comes with
apache called htpasswd
The apache doco should describe how to write a .htaccess file.
Cheers
Dave
Will Stuyvesant (hwlgw at hotmail.com):
> > [Gerhard H?ring]
> > The proper solution IMO is to let the webserver authenticate the user.
> > With HTTP Digest authentication this is probably the safest you can get
> > without going SSL.
> >
> > Even in a hosted environment you should be able to upload a simple
> > .htaccess file that does this for you.
>
> Now I have a couple of questions... I did also google for some of the
> answers but it is very hard to find something clear. So if you or
> somebody else would care to give a short explanation if you have time?
>
> - Authenticate? HTTP Digest?
> To authenticate means something like identify? So the server knows it
> is *the* user and not somebody else? I have only a vague notion of
> this.
> Indeed I am on a hosted environment, so SSL is no option, as far as I
> understand...
> I did see "Authentication:" headers in the HTTP, could that be done
> from CGI?
>
> - .htaccess?
> I guess to "upload a simple .htaccess" is possible, just like putting
> .html files in ~/public_html or .py (CGI) files in ~/cgi-bin? But
> what do I put in that .htaccess file?
>
>
>
> --
> He: "If I made love to you, would you yell?"
> She: "What do you want me to yell?"
> -- Benny Hill
> --
> http://mail.python.org/mailman/listinfo/python-list
More information about the Python-list
mailing list