Mitch666Holland 0 Report post Posted August 21, 2008 is there any way to make a user name and password protection using only html and java that saves the user/pass in the code and isnt needed to install anything into a sever or anything like that Share this post Link to post Share on other sites
vujsa 0 Report post Posted August 21, 2008 is there any way to make a user name and password protection using only html and java that saves the user/pass in the code and isnt needed to install anything into a sever or anything like thatIn short, no. Storing the authentication information in the code will not work since anyone can view client side code. Furthermore, you would need to change the code every time a new user was added which is normally done automatically server side. Client side scripts cannot change a file on a server without a server side script to interface with.vujsa Share this post Link to post Share on other sites
tansqrx 0 Report post Posted August 25, 2008 Agreed. By having the password in the HTML, anyone who looks at the HTML will know the password. Even if you encrypt the password the encryption key will have to be stored in the HTML and it is only a matter of time before the password is found. The best you could hope for here is security through obscurity. Share this post Link to post Share on other sites
magiccode91405241511 0 Report post Posted August 26, 2008 This might secure on some old days.As computer growth faster.It is risking !So, I don't suggest that too. Share this post Link to post Share on other sites
wutske 0 Report post Posted August 26, 2008 You could do this in Java (afaik java applets are compiled so there's no source code visible).This might secure on some old days. As computer growth faster. It is risking ! So, I don't suggest that too. However, I do not suggest you to store the password, but a hash of the password (something you always have to do). If a user wants to sign in, the password he entered should be hashed too and then compared to the hash that you saved in the source code. The should keep most malicious users away, but people with some computer knowledge can break it anyway. Share this post Link to post Share on other sites
yordan 10 Report post Posted August 26, 2008 You could imagine using the AuthUserFile authentication instruction in in the .htaccess file.These instructions tell the Apache server to use the user passwords you have define using the password generated by the htpasswd command.See for instance here http://bignosebird.com/apache/a10.shtml Share this post Link to post Share on other sites
