These forums are currently read-only due to receiving more spam than actual discussion. Sorry.

It is currently Sat Dec 02, 2017 4:04 pm Advanced search

Session & Password Manager API

Here you can discuss stuff that doesn't fit elsewhere; anything you want really.

Session & Password Manager API

Postby PMB9 » Sat Mar 07, 2009 5:24 pm

I want an API like storePassword(username, password) on my website which shows the user a "Do you want your browser to remember the password for username on example.com?" dialog.

Also I like to have an login(username, password) and logout() command for HTTP Authentication.
Last edited by PMB9 on Sun Mar 08, 2009 10:44 am, edited 1 time in total.
PMB9
<h3>
 
Posts: 50
Joined: Sat Jan 26, 2008 5:38 pm

Postby JAB Creations » Sat Mar 07, 2009 8:11 pm

This is already built in to browsers; I recommend if the browser you're using doesn't already support this to post a feature request in the channels made available by that particular vendor.
User avatar
JAB Creations
<aside>
 
Posts: 566
Joined: Tue Mar 13, 2007 4:48 am
Location: Sarasota Florida, USA

Postby PMB9 » Sun Mar 08, 2009 10:44 am

Sorry, I don't know any browser with these features. I'm using Firefox and Bug #287957 is not fixed.

Is there any W3C standard for this?
PMB9
<h3>
 
Posts: 50
Joined: Sat Jan 26, 2008 5:38 pm

Postby JAB Creations » Sun Mar 08, 2009 8:54 pm

The second bit you wanted is really HTTP related more then anything I imagine.

A Firefox bug not fixed? I couldn't imagine that... :evil:

So you're trying to authenticate through Apache? Why? It's not a full fledged authentication system as far as I can tell. Stick to a serverside language and database setup such as PHP and MySQL.
User avatar
JAB Creations
<aside>
 
Posts: 566
Joined: Tue Mar 13, 2007 4:48 am
Location: Sarasota Florida, USA

Postby PMB9 » Sun Mar 15, 2009 2:35 pm

Why do I need PHP and MySQL? Only for Authentication? HTTP Authentication is simple and nice. I only need a logout() function.
PMB9
<h3>
 
Posts: 50
Joined: Sat Jan 26, 2008 5:38 pm

Postby lyosha » Mon Mar 16, 2009 10:07 pm

This is a feature request for HTTP, not HTML. We would need an HTTP header to define "logging out" and for browsers to support it.
lyosha
<h3>
 
Posts: 60
Joined: Fri Aug 22, 2008 9:26 pm

Postby PMB9 » Fri Apr 17, 2009 10:19 am

lyosha wrote:This is a feature request for HTTP, not HTML. We would need an HTTP header to define "logging out" and for browsers to support it.

I don't think so. HTTP-Logout is a client-side feature.

I'm also interested in something like window.authenticate() (compare with window.confirm())

Code: Select all
authentication = window.authenticate("member-only room");
memberdata = new XMLHttpRequest();
memberdata.open('GET', 'member.xml', true, authentication.user, authentication.password);
...
PMB9
<h3>
 
Posts: 50
Joined: Sat Jan 26, 2008 5:38 pm

Postby JAB Creations » Fri Apr 17, 2009 11:15 am

GET request
Server --> HTTP --> Client

POST request
Server <-- HTTP <-- Client

HTTP is the protocol that works between the client and the server. Both clientside and serverside applications must adhere to the HTTP protocol if you are to have any successful interaction over the internet.

You clearly do not understand that nor serverside development as any one respectably experienced with serverside programming has to have an important grasp on security of which the number one rule is to never trust clientside data.
User avatar
JAB Creations
<aside>
 
Posts: 566
Joined: Tue Mar 13, 2007 4:48 am
Location: Sarasota Florida, USA

Postby PMB9 » Fri Apr 17, 2009 12:51 pm

You are talking about a standard way to logout from a cookie session, isn't it? I'm talking about HTTP Authentication.
PMB9
<h3>
 
Posts: 50
Joined: Sat Jan 26, 2008 5:38 pm


Return to Off Topic

Who is online

Users browsing this forum: No registered users and 1 guest