Title :
A server-independent password authentication method for access-controlled Web pages
Author_Institution :
AT&T Labs., Red Bank, NJ, USA
Abstract :
A new password authentication method is proposed for the purpose of providing individual Web page authors with convenience in deploying password-protected Web realms at a shared Web server, on which individual authors may not have permission to run their own server-side programs for password verification. According to this method, a Web realm is mapped to a secret directory at the Web server, in which access-controlled Web pages are stored. A password is used to construct the name of the secret directory. A small piece of JavaScript code is embedded in a sign-in Web page outside the secret directory, which converts the user-entered password into the directory name and forms a complete URL, pointing to an access-controlled Web page inside the secret directory. Thus, only users knowing the password can compose a valid URL and retrieve the access-controlled Web page. Using this method, Web page authors can deploy password-protected Web realms in a server-independent manner. Two implementations are given to demonstrate how to apply this method under different application requirements
Keywords :
Java; authoring languages; authorisation; file servers; information resources; message authentication; JavaScript code; Web page authors; Web realm; access-controlled Web pages; application requirements; complete URL; directory name; password; password verification; password-protected Web realms; secret directory; server-independent manner; server-independent password authentication method; server-side programs; shared Web server; sign-in Web page; user-entered password; Access control; Authentication; File servers; Java; Permission; Protection; Terminology; Uniform resource locators; Web pages; Web server;
Conference_Titel :
Global Telecommunications Conference, 2000. GLOBECOM '00. IEEE
Conference_Location :
San Francisco, CA
Print_ISBN :
0-7803-6451-1
DOI :
10.1109/GLOCOM.2000.892030