56
General Software Discussion / Re: Passworded gatekeeper for websites
« on: January 12, 2017, 09:01 PM »
Again, I greatly appreciate all the comments. Many of them are dead-on. I believe a solution I presented at a group meeting tonight was acceptable to the managers and this process will greatly simplify the entire procedure - IF it can be done on SquareSpace Hosting. 'SS' was not my choice of a host but it is what I am stuck with.
On the main website I just need to present a [button] that when clicked would open a small window with a box large enough for 15 characters and labeled with "Enter your group name here and click <Enter>". The characters entered in that box would be used to complete the value of a variable whose default value would be the first portion of the URL such "https://www.mysite.com/".
When they click Enter it would complete the variable and use it to open a window on the User's default browser to the site at that location.
Shades, you are 100% correct in the primary layout. That is the way I designed it many years ago and it has worked perfectly for all this time. This new wrinkle is caused by them wanting all traffic to go to the primary PUBLIC site before being redirected to the numerous private locations on another site using a single "Log In Button" on the Public Site.
The conundrum was that I have no way of knowing who "they" are when they click that button which makes it next to impossible to intelligently redirect them to anywhere. Much less do so "securely" without displaying a list of site options which was 100% "Verboten"!
I made a good case for using pre-assigned keyword distribution and making the keyword be the final part of the URL needed to take each party to their own location.
The main destination is not really a 'secret' as such, only the individual sub-location within it contain any private information. And each of those sub-locations has its own Login/PW gatekeeper anyway.
Since each person only knows the specific name for their own subfolder, and these names are randomly generated, no Public User would ever get to anywhere other than the one subfolder they have the preassigned keyword for. This way, i don't have to maintain a "master Key-Keeper" and also don't have to show a list of all optional choices to anyone who clicks the login-in button. If anyone types in a nonexistent name into the login box, that would make it an invalid URL and they would get the 404 error code equivalent "This site can't be reached"
Doing this in HTML is not that hard. But. SquareSpace is not a normal hosting site and so far I am not getting very far with trying to redefine a "block" to create the the button object to do such "magik". So much for "Simplicity". :( Apache is much easier I think.
Eventually, I am sure I will get something to fly. But .. as always, I found that by asking the questions on DC it brought in so much extra information from all the people here and I wanted to thank everyone for their concepts and ideas. DC has always been the best place to start when trying to find a solution to anything!
On the main website I just need to present a [button] that when clicked would open a small window with a box large enough for 15 characters and labeled with "Enter your group name here and click <Enter>". The characters entered in that box would be used to complete the value of a variable whose default value would be the first portion of the URL such "https://www.mysite.com/".
When they click Enter it would complete the variable and use it to open a window on the User's default browser to the site at that location.
Shades, you are 100% correct in the primary layout. That is the way I designed it many years ago and it has worked perfectly for all this time. This new wrinkle is caused by them wanting all traffic to go to the primary PUBLIC site before being redirected to the numerous private locations on another site using a single "Log In Button" on the Public Site.
The conundrum was that I have no way of knowing who "they" are when they click that button which makes it next to impossible to intelligently redirect them to anywhere. Much less do so "securely" without displaying a list of site options which was 100% "Verboten"!
I made a good case for using pre-assigned keyword distribution and making the keyword be the final part of the URL needed to take each party to their own location.
The main destination is not really a 'secret' as such, only the individual sub-location within it contain any private information. And each of those sub-locations has its own Login/PW gatekeeper anyway.
Since each person only knows the specific name for their own subfolder, and these names are randomly generated, no Public User would ever get to anywhere other than the one subfolder they have the preassigned keyword for. This way, i don't have to maintain a "master Key-Keeper" and also don't have to show a list of all optional choices to anyone who clicks the login-in button. If anyone types in a nonexistent name into the login box, that would make it an invalid URL and they would get the 404 error code equivalent "This site can't be reached"
Doing this in HTML is not that hard. But. SquareSpace is not a normal hosting site and so far I am not getting very far with trying to redefine a "block" to create the the button object to do such "magik". So much for "Simplicity". :( Apache is much easier I think.
Eventually, I am sure I will get something to fly. But .. as always, I found that by asking the questions on DC it brought in so much extra information from all the people here and I wanted to thank everyone for their concepts and ideas. DC has always been the best place to start when trying to find a solution to anything!