Re: Limiting access to a local web application

You can use cookies.

If your cookie isn't set, this is a new user. If you need to know which user exactly then you can ask for a name (and put that name into the cookie). No need to ask for a password. If you just need to differentiate between users (without needing to know a name) then the value of the cookie is just a random number you store somewhere.

If it is set you check the cookie and know now which "thread" is doing the asking.

Comment on Re: Limiting access to a local web application

Replies are listed 'Best First'.
Re^2: Limiting access to a local web application by Anonymous Monk on Aug 04, 2008 at 07:02 UTC
That won't prevent users from easily impersonating each other	[reply]
Re^3: Limiting access to a local web application by jethro (Monsignor) on Aug 04, 2008 at 12:03 UTC
No, but he didn't say that he needed that. Not everything needs to be locked with key and authentication. Think intranet wiki, work group data, user preferences If authentication is important, there might be other ways: A login/startup script could put a personalized cookie (i.e. a random number) into the cookie file of the browser and tell the server which user has which cookie number. This is a hack since you have to know which browser is used and if that browser changes its cookie file syntax, your app will malfunction and could even stop the browser from running. But if the browser is not the normal browser but a separate instance started and solely used by the application this would be acceptable.	[reply]