SitePoint Sponsor

User Tag List

Results 1 to 3 of 3
  1. #1
    SitePoint Enthusiast
    Join Date
    May 2012
    Posts
    25
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    no direct access to web application

    Hi all,

    In our environment, we have some running web applications. Now we need to connect some users from vpn to our environment but we dont want them to direct access these applications. I mean i know its a bit illogical to say but i will try to explain the process in points

    1) user logged in to our environment via vpn (this is we have done successfully)
    2) Right now, user are accessing the web applications directly
    3) we want to create a page in php and provide only this page to them for some initial authentication.
    4) if the authentication is successful, then redirect them to the web application.
    5) if user tries to access the web application without accessing our page, that application should'nt open

    The biggest hurdle is, we cant change anything in the web application itself, so just to get some expert views here, can it be done ???

  2. #2
    Foozle Reducer ServerStorm's Avatar
    Join Date
    Feb 2005
    Location
    Burlington, Canada
    Posts
    2,699
    Mentioned
    89 Post(s)
    Tagged
    2 Thread(s)
    Quote Originally Posted by amer99 View Post
    Hi all,

    In our environment, we have some running web applications. Now we need to connect some users from vpn to our environment but we dont want them to direct access these applications. I mean i know its a bit illogical to say but i will try to explain the process in points

    1) user logged in to our environment via vpn (this is we have done successfully)
    2) Right now, user are accessing the web applications directly
    3) we want to create a page in php and provide only this page to them for some initial authentication.
    4) if the authentication is successful, then redirect them to the web application.
    5) if user tries to access the web application without accessing our page, that application should'nt open

    The biggest hurdle is, we cant change anything in the web application itself, so just to get some expert views here, can it be done ???
    I don't believe there is a practical way of doing this without being able to add support to the application.

    If you create a new php page(s) that verify their credentials and then decide if it routes to the application URL or not. Even if you don't publish the URL to the application this scenario can be easily foiled as a person can just bookmark the application URL and bypass the check.

    To really check that a user has successfully logged in, you need to check session data or database data that verifies or blocks a user based on their login attempt. If the user has not logged in and attempts to access the application URL without logging in the application's controller would need to reject and redirect them to the login. As you can't modify the application then this approach is also out.

    You are unlikely to find a practical way to do this

    Steve
    ictus==""

  3. #3
    Hosting Team Leader silver trophybronze trophy
    cpradio's Avatar
    Join Date
    Jun 2002
    Location
    Ohio
    Posts
    4,827
    Mentioned
    142 Post(s)
    Tagged
    0 Thread(s)
    I've also been thinking about this, and the only thing I could think of (and I don't know if it is possible as I've never done it) was to create a custom apache authentication routine that you could embed in an .htaccess file that would validate the user (or check if the user is validated) and if they are not, redirect them to an authentication page.

    A part of me says this should be possible, but the other part of me is yelling that is may be a LOT of work when modifying the existing applications would be far less trivial.
    Be sure to congratulate xMog on earning April's Member of the Month
    Go ahead and blame me, I still won't lose any sleep over it
    My Blog | My Technical Notes


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •