Why does user login & authentication allows access to other password-protected areas?

Question

Why would a user that has logged in and is authenticated only for pages in web folder "a" be able to view pages in web folder "b" even if his user name and password are not in available in the MSAccess table for folder "b"?

I have a number of secure folders on my site. I created an MSAccess database that has a separate table and usernames and passwords for each web folder. I have created a separate login page for each folder, and have restricted access in all the pages in each folder in the server behaviors panel.

Thanks

Why does user login & authentication allows access to other password-protected folders with separate usernames and passwords?

bregent · Answer

You will have to explain in more detail. The DW behaviors for user authentication does not secure folders. You can use web server security to secure folders if that's what you need. But you are also mentioning storing the user credentials in a database, so it is not clear to me which method you are using.

The basic mechanism DW uses to secure pages is to check if the user has a valid session. If they do, then they will authenticate to any restricted page, unless you add more logic or use access levels.

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded