Re: Securing Data Transfer

From: Ali-Reza Anghaie (ali@packetknife.com)
Date: 02/14/03 

From: Ali-Reza Anghaie <ali@packetknife.com>
Date: Thu, 13 Feb 2003 22:34:29 -0500

Hector Diaz wrote:
> I need to be able to upload information to a server but before I post
> any information I need to redirect them to a login page we have for our
> web site. After authentication is complete then post the information
> and redirect the information to another application sitting on the
> server. Now All of the sites are HTTPS so the data itself is secure but
> what I need to ensure is that data will not be posted until they have
> been authenticated. The data is being uploaded from a PC based
> application which we are enhancing to have an upload button.
>
> Anyone have any ideas how to do this? I have other ideas but our Info
> Sec team shot some of them down. Need other ideas. Thanks.

To give a better answer we'd want a bit of background on your
infrastructure. Like the authentication schemes available to you, the HTTP
server you're using, etc.

I'd think something like Apache + WebDAV + LDAP auth... They have to login
w/ LDAP w/ big banners click 'yes'.. yada yada.

Apache for the webserver w/ its various modules for authentication. WebDAV
for a transparent HTTP/HTTPS file interface (drag-&-drop)...

Cheers, -Ali 

-- 
OpenPGP Key: 030E44E6
--
Was I helpful?:  http://svcs.affero.net/rm.php?r=packetknife
--
It's not easy to juggle a pregnant wife and a troubled child but
somehow I managed to squeeze in 8 hours of TV a day.
-- Homer Simpson