[Mozile] Securing Mozile Interface

Lars Kiilerich beer at v1p.dk
Thu Aug 2 05:41:18 PDT 2007 

On my server the server checks the users session when mozile saves, and 
allows, or does not allow to save..

Hence.. i need to be logged into my homemade system, before mozile will 
let me save, this is without webdav or anything fancy. I just check for 
a specific variable to be set on the usersession when trying to save.

I've thought about if mozile can handle client certifiate (OCES) for 
client authentication, it could be fun.. and not to mention very safe :) 
Maybe I should test it out. Any thoughts here?

Sincerely
Lars Kiilerich


James A. Overton wrote:
> Hi Dan,
>
> Sorry I didn't see your message earlier.
>
> Dag Sverre is right: Mozile runs on the client (the browser) and so  
> it can't control access to pages on your server. On the other hand,  
> Mozile doesn't actually change pages on the server unless the server  
> allows Mozile to save the edited document.
>
> So you have a couple of options for controlling who can edit your  
> pages. One is to require a password (on the server) to access the  
> page that Mozile POSTs its changes to. That way anyone can edit, but  
> only authorized people can save and make the changes permanent.  
> Second, you can create two copies of the page, one for everyone to  
> see which does not include Mozile, and another password protected one  
> which includes Mozile.
>
> Like Dag Sverre says, the details of how you set the password depend  
> on what server-side technology you are using.
>
> Let us know if you need more information,
>
> James
>
>
>
> On 2007-08-01, at 2:37 PM, Dag Sverre Seljebotn wrote:
>
>   
>> Dan Lavie wrote:
>>     
>>> Hello,
>>>
>>> Does any one know how to make mozile with a password, so not every  
>>> one
>>> can change my site ?
>>>       
>> If I understand correctly...by default, all changes in Mozile  
>> happens in
>> the client. So if one client changes something this doesn't affect  
>> what
>> is on the server at all, and disappears when the client does a reload.
>>
>> Mozile can be used together with other technologies in order to save
>> contents back to the server from the client, ie you need to  
>> specifically
>> enable such behaviour. And once you have set up that correctly, you  
>> will
>> likely know the answer to your question or be able to ask more
>> specifically (ie "how do I set up password protection on my WebDAV
>> server etc."... the protection is not located in Mozila but in  
>> whatever
>> connection technology you use).
>>
>> Dag Sverre
>> _______________________________________________
>> Mozile mailing list
>> Mozile at mozdev.org
>> http://mozdev.org/mailman/listinfo/mozile
>>     
>
> _______________________________________________
> Mozile mailing list
> Mozile at mozdev.org
> http://mozdev.org/mailman/listinfo/mozile
>
>
>
>   
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mozdev.org/pipermail/mozile/attachments/20070802/9ef2a591/attachment.html

More information about the Mozile mailing list