Jump to content

Securing the SC Folder

djlane

By djlane
in SuperContainer by 360 Works

 Share

This topic is 5575 days old. Please don't post here. Open a new topic instead.

Recommended Posts

djlane Community Regular

djlane

Posted
Posted (edited)

The SC documentation says

If you have password-protected your SuperContainer installation and don't want users to be prompted for a username and password, you can embed this information directly into your URL. For a username of "bob" and password "secret", you can do the following:

http://bob:[email protected]:8020/SuperContainer/Files/etc...

Note: this is not a foolproof means of preventing users from finding out the username and password! The password will be shown briefly when loading the page, and again when clicking on a link to download the image.

So this does not sound very secure. What is the best way to secure access to the documents inside SC ?

Is there a way that is more secure than that described above ?

Edited by Guest
Link to comment
Share on other sites
Jesse Barnum Experienced

Jesse Barnum

Posted
Posted

We have a security section on a SuperContainer FAQ that we're working on. We haven't publicized it yet, but it is accessible if you have the URL.

Read the security section here:

http://wo.360works.com/cgi-bin/support/productsupport.cgi/SuperContainer#SuperContainer33

Link to comment
Share on other sites
  • 3 months later...
  • Newbies
exizldelfuego Newbie

exizldelfuego

Posted
  • Newbies
Posted

Is there a way of securing SuperContainer for edits, but let anyone view anything?

I’m creating a system through which our client can manage their website, and SuperContainer is perfect for both providing the client an interface to manage photos as well as providing the world with processed versions of the photos for the website. The problem being, of course, that if SuperContainer is facing the public—and that public knows something about SuperContainer—they could check the HTML tag, substitute the RawData for Files, and start altering images.

If need be, I could have the website act as a proxy to SuperContainer, but it’d be great to eliminate the overhead.

Link to comment
Share on other sites
Valentin Collaborator

Valentin

Posted
Posted

We have been working on the ability to specify permissions for every folder level of SuperContainer hosting directory. And it's a ready feature, currently you can set read, write or delete on each folder. We could make this available to you now for a price of an enterprise upgrade license.

Further we could extend SuperContainer to require each user to authenticate with an LDAP server and have a separate set of read, write, delete permissions for authenticated users. I don't have a price ready for that but we could estimate it for you.

Link to comment
Share on other sites

This topic is 5575 days old. Please don't post here. Open a new topic instead.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept