Authentication Failure Page

  • Thread starter Thread starter LoreFtM
  • Start date Start date
L

LoreFtM

When accessing a password protected page, when the incorrect password is
typed into the password field, the Authentication Failure Page does not load.
Instead, MSIE warning window pops up: Please enter a value equal to ... the
correct password. I need to fix this problem. Any help would be greatly
appreciated.
 
Easier to give an answer after seeing the page - but try removing
validation from the password field, or changing the validation to allow ANY
combination of letters and digits and other characters, rather than an
exact equivalence to the password.
 
Thanks for your info. Please take a look at the page,
www.venetianvillage.net, link to "ARB", link to "Data Entry Form". If you
type in the correct password "1234", the correct confirmation page loads. If
nothing is typed into the password field, the correct authentication failure
page loads. However, if an incorrect password is typed in, instead of the
authentication failure page loading, MSIE Warning window pops up, stating to
put in a validation equal to "1234". This is the problem I need to correct.
Of course, I don't want IE to show the password, defeats the purpose of a
password to access a page. Any help would be greatly appreciated. Hannelore
 
The frontpage form is not suitable for password protection of any pages -
for this you need server-side scripting to validate the password, or place
the protected pages in a subweb with unique permissions (does your host
support subwebs with unique permissions?) and let the extensions provide
the login dialogue (userid and password).

For your form, if you change the validation to greater than ! then the
form will give an appropriate response if no password is entered, but it
will be up to the confirmation page to decide if the password given is
valid. This is really a lost cause, because the confirmation page is named
in the page source anyway (U-Confirmation-Url="blah.htm") - which is why
server-side scripting or a protected subweb is required, no clues are given
as to the password, and the protected page *is* protected.

Some examples of page protection can be found at
http://www.rxs-enterprises.org/tests/protect-page/
but there are others using other technologies such as php, asp.net, cfm
etc.
 
Back
Top