> I'll check into securiing it another way, probably using HTTP as was
> suggested in a couple of different posts.

This is part of an Original HTTP server config that uses OS/400
user-id's:

  Protection Intranet {
    AuthType Basic                       
    UserID    %%CLIENT%%
    ServerID "Intranet"
    PasswdFile %%SYSTEM%%                
    GetMask all@(*)
    PostMask all@(*)
    }
 Protect /Intranet/*   Intranet

Users see a grey user id password box before they can access
http://myserver/intranet/....

Maybe you can use that for your situation, too.

Nothing else needed. Disadvantage: the password the user enters is
just encoded, not encrypted. So you should better transport that all via
https. But i guess encoding is much more than you do now... :-(

This is a part of an Apache config doing pretty much the same as above:

<Location /Intranet/>
   PasswdFile %%SYSTEM%%
   UserID %%CLIENT%%
   AuthType Basic
   AuthName "Intranet"
   Require valid-user
</Location>



-- 
Mit freundlichen Grüssen / best regards

Anton Gombkötö
Organisation und Projektleitung

Avenum Technologie GmbH
Wien - Salzburg - Stuttgart
http://www.avenum.com




As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2022 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.