Unfortunatly, what your looking for may not be possible. The problem is, it's really trivial for a browser to fake information like that, you'd be diving head first into a security nightmare.
There may be a way around that though, but it might cost a few dollars. In the same way that a web server needs a digital certificate in order to do secure transactions, browsers can be given certificates too, in order to verify a person's identity. You'd have to go through a company like Verisign to do that, and you might end up spending $50 a user or so. On the server end, you could have some code to check the certificate the browser is presenting you with. If you recognize the certificate, you could authenticate them.
Thats about the only way you can verify a users identity, without asking for a password. And then, that only works so long as the user doesn't have their certificate stolen ;-)
Hope that helps!
-Eric
--
Lucy: "What happens if you practice the piano for 20 years and then end up not being rich and famous?"
Schroeder: "The joy is in the playing." | [reply] [Watch: Dir/Any] |
| [reply] [Watch: Dir/Any] |
Hi,
I was recently in a similar position to you - needing an authentication system to be used in an internal intranet, and I really didn't like the idea of a password system - after all, we're a small friendly company, where everybody knows everybody else, and we can all be trusted, right?
Your users, like mine, probably can be trusted, but I think that authentication is about more than just trust.
I ended up building a system based on Apache::AuthCookie that required passwords and usernames, which works pretty damn well. To my surprise, there was not a murmer of complaint from the users - in fact the authentication has proved to be useful by providing accountability: "Ah, Fred moved this frobulator last Tuesday, I'll go talk to him"
Basically, authentication systems can be well worth the effort, and a password-based system doesn't have to be that hard to use, so I'd advise thinking about whether the standard username/password combo would really be that much of a problem.
This is total and utter opinion, so feel free to ignore my ramblings :-)
cheers.
davis
Is this going out live?
No, Homer, very few cartoons are broadcast live - it's a terrible strain on the animator's wrist
| [reply] [Watch: Dir/Any] |