Private/.SkeletonDir/index.html

   1 <html>
   2 <head>
   3 <title>
   4         Private data
   5 </title>
   6 <script type="text/javascript">
   7 <SCRIPT TYPE="text/ssperl" SRC="./JavaScript/CGIscriptorSession.js"></SCRIPT>
   8
   9 window.onload = function() {
  10         loadSessionData (CGIscriptorSessionType, CGIscriptorChallengeTicket);
  11         return true;
  12 };
  13
  14 </script>
  15
  16 <script type="text/javascript">
  17 <SCRIPT TYPE="text/ssperl" SRC="./JavaScript/sha.js"></SCRIPT>
  18 </script>
  19 </head>
  20 <body>
  21 <p>
  22 <table width='100%'><tr>
  23         <td style='text-align: left'><a href="/index.html">Home</a></td>
  24         <td style='text-align: right'><a href="?LOGOUT">Logout</a></td>
  25 </tr></table>
  26 </p>
  27 <p ALIGN=RIGHT><a href="index.html">Private Home page</a><br />
  28 <p ALIGN=RIGHT><a href="/Private/ChangePassword.html">Change Password</a><br />
  29 <a href="/Private/CreateUser.html">Create New User Account</a>
  30 </p>
  31 <h1 align=CENTER>Private data: You are now logged in as <em><script type="text/ssperl" CGI='$LOGINUSERNAME=""'>$LOGINUSERNAME</script></em></h1>
  32 <p align=CENTER>Logged in from <script type="text/ssperl" CGI='$LOGINIPADDRESS="" $LOGINPATH="" $SESSIONTYPE @CAPABILITIES="TEST"'>
  33         my $Caps = "(".join(", ",@CAPABILITIES).")" if @CAPABILITIES;
  34         "$LOGINIPADDRESS $LOGINPATH <br />Session type: $SESSIONTYPE $Caps";
  35 </script></p>
  36 <p align=CENTER><a href="/Private/manual.html">Go to manual</a></p>
  37
  38 <A NAME="SESSIONTICKETS"><H2 ALIGN="CENTER">SERVER SIDE SESSIONS AND ACCESS CONTROL (LOGIN)</H2></A>
  39 <p>
  40 An infrastructure for user acount authorization and file access control
  41 is available. Each request is matched against a list of URL path patterns.
  42 If the request matches, a Session Ticket is required to access the URL.
  43 This Session Ticket should be present as a CGI parameter or Cookie:
  44 </p>
  45 <p>
  46 CGI: SESSIONTICKET=&lt;value&gt;<br />
  47 Cookie: CGIscriptorSESSION=&lt;value&gt;</p>
  48 <p>
  49 The example implementation stores Session Tickets as files in a local
  50 directory. To create Session Tickets, a Login request must be given
  51 with a LOGIN=&lt;value&gt; CGI parameter, a user name and a (doubly hashed)
  52 password. The user name and (singly hashed) password are stored in a
  53 PASSWORD ticket with the same name as the user account (name cleaned up
  54 for security). There is a <a href="/PrivateTutorial.html">Tutorial of the authorization
  55 application</a>.
  56 </p>
  57
  58 </body>
  59 </html>