[thelist] How to protect plain html files?

[Flavia Tarzwell (FayeC)]

I am almost sure they are using Windows/IIS on the hosting server but I
am not 100% sure...
The problem is that they want the whole nine yards.....sort of an
e-commerce interface with login and all....
I have looked at the clients needs and I don't see the need for such a
robust system for what he wants but it's hard to be able to understand
the client correctly and have your opinions/ideas passed to the client
when you are dealing with a middle man.....
I am sure he wouldn't go for the windows login popup as he has changed
the graphic layout of the page some 20 times.....I am not doing the
graphic layout part but I have seen tons of changes within a short time...
The password protected area should be off limits to everybody but the
clients he registers himself (he specified the clients should not be
able to add themselves to the database). Then the area contains patches
and documentation for his telephony product. And that's it......
THe way the protected area is set up now the user has to login for every
page they want to access (manuals, documentation and patches). He also
doesn't want me to use cookies (he is a security freak and said that
would be too much liability for him). So I am left with very little
options to deal with....
Any tips will be appreciated.....

Thanks,

FayeC


Wade Armstrong wrote:

> What kind of server are you using?
> On Apache, you can use .htaccess. On IIS, there's Windows Login. Both will
> protect a single directory with a pop-up log-in dialog.
>
> Wade
>