

davidcole

6034 posts

Uber Geek

Trusted

#65971 10-Aug-2010 08:03

Rather than asking technical ways of doing things as per: http://www.geekzone.co.nz/forums.asp?forumid=46&topicid=65937

How about I tell you what I'm after and take suggestions instead.

I have a number of sites on a number of machines at home.  A lot of them are packages, a couple of them are ASP.Net apps I've written.  Mostly they're unsecured as I access them behind a tunnel.

But I'd like to open them up to the internet and potentially allow access to some other people. So what I'd like is the following;



  • Secure Landing page that lists or could provide links to the subdomains - this I'd like to be authenticated.

  • Listed sites shown are only the sites that the authenticated user has access to


So what am I after?  Is this something a content management system (Joomla, mambo, drupal) could do?  Or are they a bit overkill for what I'm after? (I've never looked at one so don't know the capabilities).

Or am I after a portal application? like jetspeed or pluto?

Or do I just write my own landing page with all the links, and figure out how to secure them by hand???




Previously known as psycik

Home Assistant: Gigabyte AMD A8 Brix, Home Assistant with Aeotech ZWave Controller, Raspberry PI, Wemos D1 Mini, Zwave, Shelly Humidity and Temperature sensors
Media:Chromecast v2, ATV4 4k, ATV4, HDHomeRun Dual
Server
Host Plex Server 3x3TB, 4x4TB using MergerFS, Samsung 850 evo 512 GB SSD, Proxmox Server with 1xW10, 2xUbuntu 22.04 LTS, Backblaze Backups, usenetprime.com fastmail.com Sharesies Trakt.TV Sharesight 


reven
3743 posts

Uber Geek

Trusted

  #365769 10-Aug-2010 09:20

if they are basically all independent sites and you just want an index/landing page to take you to those, I think a CMS would be overkill.

I would just write up my own membership provider (or use a standard one from microsoft) and authenticate that way.

there may be a problem authenticating on the subdomains (I'm not 100% sure if asp.net will just carry the authentication details over, it should if using windows authentication). if it doesn't, you could always add a hash (regenerated at login, that is stored in a db that expires) that says they are preauthenticated so they don't have to authenticate again.


for the roles the users can access, I would just use an enum, e.g.
1 = has access to site a
2 = site b
4 = site c
8 = site d

so userrole = 6 = site b and c but no access to site a or d.
that makes it easy to manage and check:
if ((userrole & UserRoles.SiteA) != UserRoles.SiteA) Response.Redirect("landingpage"); // they don't have access to here
and easy to extend because you just add a new site to the enum.
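
Added example, not part of the post above and not the poster's code: the bit-flag role check described there, written out in C# together with the landing-page link filter asked for in the first post. The `LandingPage` class, its method names and the `example.test` URLs are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// One bit per site, using the values listed in the post.
[Flags]
public enum UserRoles
{
    None  = 0,
    SiteA = 1,
    SiteB = 2,
    SiteC = 4,
    SiteD = 8
}

public static class LandingPage
{
    // Constructed sample data: site bit -> link shown on the landing page.
    private static readonly Dictionary<UserRoles, string> Links = new Dictionary<UserRoles, string>
    {
        { UserRoles.SiteA, "https://a.example.test/" },
        { UserRoles.SiteB, "https://b.example.test/" },
        { UserRoles.SiteC, "https://c.example.test/" },
        { UserRoles.SiteD, "https://d.example.test/" }
    };

    // True only when every bit of 'required' is set in 'granted'.
    // An empty requirement is refused rather than treated as "open to all".
    public static bool HasAccess(UserRoles granted, UserRoles required)
    {
        return required != UserRoles.None && (granted & required) == required;
    }

    // Links the authenticated user may see on the landing page, nothing else.
    public static IEnumerable<string> VisibleLinks(UserRoles granted)
    {
        return Links.Where(kv => HasAccess(granted, kv.Key)).Select(kv => kv.Value);
    }

    public static void Main()
    {
        UserRoles user = (UserRoles)6; // site b and c, as in the post
        foreach (string link in VisibleLinks(user)) Console.WriteLine(link);
        Console.WriteLine(HasAccess(user, UserRoles.SiteA)); // gate used on site a itself
    }
}
```

`VisibleLinks` only decides what the landing page lists; each site still needs the `HasAccess` gate on its own pages, because a URL that is not listed can be typed in directly.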



davidcole

6034 posts

Uber Geek

Trusted

  #365774 10-Aug-2010 09:43

Hmm that would assume that the landing page was Microsoft, which it's currently not.  It's actually running on a linux apache server.

Also only two of the pages are custom written ASP.net, the rest are installed programs - gbpvr and sabnzbd and webmin.  So I don't really have any control over the authentication of the sub sites.






reven
3743 posts

Uber Geek

Trusted

  #365776 10-Aug-2010 09:49

you could still basically do the same in php. and easily add a tokenlogin.aspx page to gbpvr which passes a preauthentication token. not sure about sabnzbd (never used it), but if you have access to the db you could be able to do the same. just change the token to something like
encrypt(seed:username:password) so when you reach the tokenlogin.aspx page, decode it and do the manual login.



davidcole

6034 posts

Uber Geek

Trusted

  #365795 10-Aug-2010 10:44

Sounds hard :)

I don't want to change the programs I use.






reven
3743 posts

Uber Geek

Trusted

  #365804 10-Aug-2010 11:39

not really hard, you're basically just writing a wrapper to auto login to the other websites.

otherwise your portal would be a basic index, but when you go to gbpvr EWA you would have to login again.

and you wouldn't be changing the webapps, just adding a new page, so you can still update them etc.

so basically

1. login to portal
2. click on a link to say gbpvr ewa/tokenlogin.aspx?token=DFGERGR@!QRFxf23!QWFDG@$#W
3. tokenlogin.aspx decodes the token and does the login using the username / password.

for asp.net websites you could do a Server.Transfer so that asp.net handles all the login stuff automatically, for PHP you do a post request with the username/password to login to the site, and then do a redirect to its main page. there may be an issue with the auth cookies not being saved since your token page is doing the auth request. but you could work around that.

it may sound complicated, but there's not a heck of a lot to it really.

the problem is authentication between different servers and OSs. I've got no experience with this, so there may be a better solution, only ever done AD/forms auth on windows and forms auth on PHP. so not sure if you could do some kind of AD auth between the 2 types of servers.
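
Added example, not part of the post above and not the poster's code: the portal-to-tokenlogin handoff from steps 1 to 3, implemented with the variant mentioned in the earlier reply (a random value regenerated per login, stored server-side and expiring) instead of `encrypt(seed:username:password)`, so no password travels in the URL. `HandoffTokenStore`, `Issue`, `Redeem`, the in-memory dictionary standing in for the database, and the sample user and site names are all assumptions.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;

// Hypothetical in-memory stand-in for the expiring token table in the database.
public class HandoffTokenStore
{
    private sealed class Entry { public string User; public string Site; public DateTime ExpiresUtc; }
    private readonly Dictionary<string, Entry> _byHash = new Dictionary<string, Entry>();
    private readonly TimeSpan _lifetime;
    public HandoffTokenStore(TimeSpan lifetime) { _lifetime = lifetime; }

    // Only a SHA-256 of the token is stored, so the table alone cannot be replayed.
    private static string Hash(string token)
    {
        using (SHA256 sha = SHA256.Create())
            return Convert.ToBase64String(sha.ComputeHash(Encoding.UTF8.GetBytes(token)));
    }

    // Portal side: called for an already logged-in user who clicks a site link.
    public string Issue(string user, string site)
    {
        byte[] raw = new byte[32];
        using (RandomNumberGenerator rng = RandomNumberGenerator.Create()) rng.GetBytes(raw);
        string token = BitConverter.ToString(raw).Replace("-", ""); // hex, safe in a query string
        lock (_byHash)
            _byHash[Hash(token)] = new Entry { User = user, Site = site, ExpiresUtc = DateTime.UtcNow + _lifetime };
        return token;
    }

    // tokenlogin side: user name, or null if unknown, expired, for another site, or already used.
    public string Redeem(string token, string site)
    {
        string key = Hash(token ?? "");
        lock (_byHash)
        {
            if (!_byHash.TryGetValue(key, out Entry e)) return null;
            _byHash.Remove(key); // single use, whatever the outcome
            return (e.ExpiresUtc > DateTime.UtcNow && e.Site == site) ? e.User : null;
        }
    }
    public static void Main()
    {
        var store = new HandoffTokenStore(TimeSpan.FromSeconds(30));
        string t = store.Issue("david", "gbpvr"); // constructed sample values
        Console.WriteLine(store.Redeem(t, "gbpvr") ?? "rejected");
        Console.WriteLine(store.Redeem(t, "gbpvr") ?? "rejected"); // second use of the same token
    }
}
```

The tokenlogin page would call `Redeem` with its own site name and, on a non-null result, perform that site's normal login for the returned user; with two separate servers the dictionary has to be a table both can reach.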

davidcole

6034 posts

Uber Geek

Trusted

  #365815 10-Aug-2010 12:15

I was thinking if the location/directory in apache was password protected, then the resulting site wouldn't need to be (i.e. I could turn authentication off).  Another friend recommended website baker.



