× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. March 2005

Validation lists - href tag vs. URL

Hello all,

 I'm having trouble making a validation list behave and hope someone will be
kind enough to point me in the right direction.

 Before we open our intranet application to our internet customers, we want
to replace the use of system directory userids with validation list userids.
The pilot project is a simple document retrieval system: a user logs into a
.jsp, enters some filter criteria, then clicks on the resulting "<a
href="/usr/docs/0123456.xls">view</a>" tag to grab the selected file.

PhaseI assigned the "/usr/docs" directory to a validation list. Everything
works as anticipated: the user is challenged for the validation list userid
as soon as the document's tag is clicked.

PhaseII is causing problems. Since we'd like to challenge the user as soon
as they hit the first page, I assigned the same list to the application's
directory, thinking that the system would issue the userid challenge as soon
as the user dropped into http://myserver/www/myjsp/myapps/test/login.jsp. Of
course, we'll eventually rewrite the app to display the "filters.jsp" page
instead of the old "login.jsp", all I'm trying to do now is prove the
concept. 

  No dice. The page is served as usual, no prompt. The access log shows no
'authorization failure', nothing to indicate that the directory is secured.
I'm quite sure the spelling and config are correct.

 Apparently there is some distinction between accessing an IFS object via an
href and executing a .jsp via the URL that I'm not grasping. Is something
intercepting login.jsp before the authorization logic kicks in? Maybe
there's another way to do this?

Many thanks
JK

 
This one prompts
  48       <Directory /usr/docs>
  49            Order Allow,Deny
  50           Allow From all
  51           Require valid-user
  52            PasswdFile mylib/supplier
  53            AuthType Basic
  54            AuthName "Supplier website"
  55       </Directory>

This one doesn't
  76       <Directory /www/myjsp/myapps/test>
  77            Order Allow,Deny
  78            Allow From all
  79            Require valid-user
  80            PasswdFile mylib/supplier
  81            AuthType Basic
  82            AuthName "Supplier website"
  83       </Directory>

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.