[1111] in WWW Security List Archive
FTP Security
daemon@ATHENA.MIT.EDU (Kim Ikbae)
Fri Nov 3 06:51:03 1995
From: Kim Ikbae <om@pc.isl.goldstar.co.kr>
To: www-security@ns2.rutgers.edu
Date: Fri, 3 Nov 1995 18:05:45 +0900 (KST)
Reply-To: om@pc.isl.goldstar.co.kr
Errors-To: owner-www-security@ns2.rutgers.edu
Hello forks.
I'm currently making WWW Page for our project team.
I'd installed all required stuffs for the service but there is
a problem which I have no idea how to deal.
As you know when a browser requsts ftp service to a server, the default
user id is set to anonymous. But I don't want to install anonymous
service for my system and let the browser access my service using some
user id so that confidential documents are not revealed to others.
I know how to restrict some directoris using .htaccess file but
even after some user succeeded the user identification the ftp
access is only under anonymous.
I tried some thing like this; http://user:passwd@host/directory/file
but this scheme shows the user and password via browser which is not
recommended by NCSA and my team members(they will kill me! :)).
So the question is that if there is any scheme which enables a user
specifies his/her user id and password just like FORM HTML page and
if the user succeeds the identification the ftp accesses the
server with the id while not showing the user's password information.
If you have any idea pls let me share!!
Thanks in advance..
Good day.
--
---------------------------------------------------------------------
Kim IkBae, Media Communication Lab. of LG Electronics, Seoul, Korea
Email : om@pc.isl.goldstar.co.kr om@156.147.3.5
Voice : 02-526-4443
Fax : 02-526-4440
Mailing Address : 16, Woomyeon-Dong, Seocho-Gu, Seoul, 137-140, Korea
