From: Jorge Biquez
To: freebsd-isp@FreeBSD.ORG
Date: Sat, 04 May 2002 10:45:18 -0500
Subject: OFF-Topic.Restricting access to pages.

Hello all.

I'm sorry this is off topic. A friend from the Spanish-speaking list asked me to post this here to get your comments and advice.

She is on a project where she needs to restrict access to certain parts of a site according to a certain user category. Right now there are not too many users, but in the future there could be more, and there could be a lot of movement among the users, changing the permissions for what they can or cannot see and access on the site.

She thought of solving the problem with the htaccess access feature from Apache. But with this solution she does not know how to easily control the maintenance of the users that access the site.

The other solution we were talking about (I'm trying to help her) is to develop some validation with PHP and a database, and construct all pages on the fly according to permissions. We know this could be a more extensive solution and that it will require more time and resources.

We know that both solutions could work, but we are worried (since we have never done it before) about the security. I mean, if users consult the pages, let's say at a public library, the complete path of the pages will be in the history of the user's browser. Theoretically a user could see the history and enter the site without being asked again for the user and password. Is that right?

Any ideas on other options to look at?

Thanks in advance.

JB