MWS_55_e.indb Page 58
Manual MWS 55 / MWS 88 / MWS 10 and Sensors 55
geändert am 04.12.2020 von DO
REINHARDT
System- und Messelectronic GmbH
Fax: 08196/7005 and 1414 email:
wetter@reinhardt-testsystem.de
http://www.reinhardt-wetterstationen.de
4.4.3.1 Password and HTPASS folder
Another possibility granting users access is creating passwords instead to limit access via IP
addresses. To perform, at least one password protected access (admin address or standard user)
needs to be created with the INCLUDE command.
CAUTION: Here you can only use MAC addresses in the format xx-xx-xx-xx-xx-xx!
Here one example for a set of users to create:
Admin with:
ADMIN SET ADDRESS 12-34-56-78-12-34 'nimdA'
,
standard user with:
ADMIN SET INCLUDE xx-xx-xx-xx-xx-xx 'stdpass' [HTTP]
,
first privileged user with:
ADMIN SET INCLUDE 12-34-xx-xx-xx-xx 'pvpass1' [HTTP*]
second privileged user with:
ADMIN SET INCLUDE 12-34-xx-xx-xx-xx 'pvpass2' [HTTP*]
Without password request each access works like shown above:
the admin with MAC address
12-34-56-78-12-34
has got access to ADMIN-, PRIVILDG- and
HTML root directory,
the two privileged users (
12-34-
...) can access PRIVILDG- and HTML root directory
and the standard user(s) only can access the HTML root directory.
If there is a
HTPASS
folder in the HTML root directory, files (text or WEB sites) only can be
accessed when the command
MWS HTTP PASSWD
with subsequent password is sent to the
weather station.
The weather station then will compare this password with the stored passwords (nimdA,
pvpass1, pvpass2, stdpass) and grant access to the respective folder it the password matches with
one of the stored passwords.
Typically this command is submitted as a request with the POST method, i.e.:
<form action="login.htm" method="post">
<label for="pass">Please insert password</label>
<input id="pass" name="MWS HTTP PASSWD" maxlength="15" size="15" type="password">
<button type="submit" value="submit">sign up</button>
</form>
You can make use of the fact that the HTPASS folder is searched before the root folder, if the
access was granted. So in the root folder a file login.htm with the above code can exist, which
interrogates the password, and calls again a file login.htm
(1. line: form action=“login.htm“).
If the access was granted, the file
/HTPASS/login.htm
is called, which shows the user the desired
information. If an incorrect password was used, the file /login.htm is shown again, and the user
has the opportunity to enter the password again.
Of course you can also branch in case of errors, and e.g. show an error page.
The
HTPASS
folder may exist (like Images, Javascript and Styles folder) several times, once in
the
ADMIN
directory, once in the
PRIVILGD
directory and once in the HTML root directory.
The order is analogous to the other
files, except that an HTPASS folder
is always searched first, provided
that access has been granted.
______________________________
If access is denied (wrong password)
all
HTPASS folders will be dropped.
Administrator
Privileged user
Standard user
ADMIN/HTPASS
/PRIVILDG/HTPASS
/HTPASS
/ADMIN
/PRIVILDG
/
/PRIVILDG/HTPASS /HTPASS
/PRIVILDG
/
/HTPASS
/
/ADMIN
/PRIVILDG
/
/PRIVILDG
/
/