HTML Password

Warning

Web browsers will cache the username and password once entered. To force a password request again you will need to clear the browser cache, restart the browser, or open a new private browsing session.

Methods to Set an Access Group

Web page user names and passwords are controlled by "Access Group" levels that can range from 0 to 255, with 0 being no password protection. There are 3 methods to set the Access Group levels as described below. An time Access Groups are used in an application, the CheckHttpAccess() function must be created in the application to process the access groups and determine if access should be granted. The function is defined as:

HTTP_ACCESS CheckHttpAccess(int sock, int access_level, HTTP_Request &Req) 

.

1. In a HTML page using <!--ACCESSGROUP n --> HTML tag, where n is a number from 0 to 255, typically 1 for admin and 2 for user, etc.. This provides the finest level of control on a page by page basis by adding the ACCESSGROUP tag as the first line in any web page that needs password protection. The application must create a CheckHttpAccess() function, that is automatically be called by the system, to process each request, such as checking a user name and password against stored values.

1. For dynamic web content, create a HTML GET handler callback function. If you do not have a web page compiled into an application in which to put an ACCESSGROUP tag, the access group can be specified in the handler callback function declaration:

   CallBackFunctionPageHandler(const char *pUrl, http_gethandlerfunc *pFunction,
                               HTTP_RequestTypes reqType = tGet, int accessGroup = 0,
                               bool beforeFiles = false)

   For example, if you have a dynamically created page for administration of users and passwords that generates a list of such information the access group could be set to 1 in the callback declaration:

   CallBackFunctionPageHandler getHanderAdmin("admin.html*", getAdmin, tGet, 1);

   For reference, a GET callback declaration with no access group specified defaults to 0 and only needs the first two parameters:

   CallBackFunctionPageHandler getHanderDynamicPage("dynamicPage.html", getDynamicPage);

1. Creatr a dynamic HTML POST handler callback function:

   HtmlPostVariableListCallback(const char *pUrl, postvarhandler *pCallback, int accessGroup = 0)

   Similar to the GET handler above, creating a callback with no access group relies on ACCESSGROUP tags:

   HtmlPostVariableListCallback postForm1("form1*", form1PostCallBack);

   And specifying the access group for a post can also be used:

   HtmlPostVariableListCallback postForm2("form2*", form2PostCallBack, 2);

ACCESSGROUP HTML Tags

The application consists of an index page with links to three additional pages with access group numbers: 0, 1 and 2.

• Group 0 = Open access
• Group 1 = Admin access
• Group 2 = User access

The function

HTTP_ACCESS CheckHttpAccess(int sock, int access_level, HTTP_Request & Req) 

is used to authenticate the user names and passwords. If you create a function with this signature, it will be called any time one of the following access group tags are encountered in a web page:

Any web pages without an ACCESSGROUP tag will default to open access.