What's new in PassDir 1.7.0
Nov 3, 2006
- Added LicenseFile to allow userreg.txt to be located in a specified directory, primarily where multiple PassDir DLLs are installed for different sites, so they can share the same license key file. Added support for authentication cookies, as an alternative to the basic authentication logon dialog box. thus allowing the logon user name and password to be entered using normal HTLM form fields and saved as a cookie which PassDir reads instead of the Authorization: header. The cookie is called PASSDIRLOGON, the cookie path is set to the protected directory path, expiry date is optional, and the cookie value is the logon details, in one of three formats. The simplest cookie format is clear text, '1logon:password' where the figure 1 indicates clear format and a colon separates the logon name and password. To avoid the password being visible, it may be encoded using Magenta COM Objects (magobjs.dll), an ActiveX that must be installed on the server running the ASP pages, where the cookie becomes '2encodedstring'. Finally the logon may be base64 by VBScript to avoid using an ActiveX, where the cookie becomes '3base64string'. Note that cookies values are visible in the browser and often appear in web logs. Magenta COM Objects is available free to licensees of the 10-25 or unlimited directory versions of PassDir. A web page logon.asp illustrates the VBScript needed to create the cookies described above. Fixed a problem that may have prevented PassDir running on Windows 2003 server. Improved logging so alphabetic dates are always used.