[nycphp-talk] AJAX and State
Elliotte Harold
elharo at metalab.unc.edu
Wed Sep 19 05:43:43 EDT 2007
tedd wrote:
> My solution is to simply require them to log-in and set a session auth
> variable to OK and turn them loose. Then they have access to all the
> goodies.
>
> While what they ask for on the site is provided in the URL via a GET,
> and as such, they could bookmark it and/or send the URL to someone else
> -- but they can't get at the goodies without being logged-in (i.e.,
> session auth variable set to OK).
>
> Again, all pretty simple stuff.
>
> This works for me -- but, how do you do this without using sessions?
>
HTTP basic or digest authentication would do exactly this with less work
on your part. There are other alternatives if that doesn't meet your
needs, but HTTP authentication is by far the simplest approach.
--
Elliotte Rusty Harold elharo at metalab.unc.edu
Java I/O 2nd Edition Just Published!
http://www.cafeaulait.org/books/javaio2/
http://www.amazon.com/exec/obidos/ISBN=0596527500/ref=nosim/cafeaulaitA/
More information about the talk
mailing list