Multiple Username and Password Protection

Example

Creating a Members Only section of your web site.

MGI Tags

  • mgiAuthenticateDB

Steps

  1. Create a password administration page.
  2. Save the password administration page.
  3. Open the password administration page in a text editor.
  4. Insert the mgiAuthenticateDB tag in admin mode.
  5. Save the password administration page.
  6. FTP the password administration page to the web server running MGI.
  7. Access the web-based password administration page.
  8. Add a new record for each user.
  9. Open each Members Only page in a text editor.
  10. Insert the mgiAuthenticateDB tag.
  11. Save each Members Only page.
  12. FTP the Members Only pages to the web server running MGI.
  13. Access a Members Only page with a browser.

Step 1: Create a password administration page.

Create a page to administer the usernames, passwords, and groups for the members only section. The content of this page will be dynamically created by MGI, therefore you do not need to include any form elements on the page.

Step 2: Save the password administration page.

Save the password administration page and name it "padmin.html".

Step 3: Open the password administration page in a text editor.

Open the password administration page in a text editing program that allows you to view and modify the HTML.

Step 4: Insert the mgiAuthenticateDB tag in admin mode.

Insert your cursor after the beginning <BODY> tag and enter the mgiAuthenticateDB tag and mode parameter. In the mode parameter, enter "Admin". 
<mgiAuthenticateDB mode="Admin">

Step 5: Save the password administration page.

Save the changes you have made to the password administration page.

Step 6: FTP the password administration page to the web server running MGI.

Upload the password administration page from your local computer to the web server using an FTP program.

Step 7: Access the web-based password administration page.

Access the password administration page (padmin.html) from a web server running MGI. The administration mode of mgiAuthenticateDB displays the initial search form for logins or groups.

Step 8: Add a new record for each user.

For each member, add a new authentication record. Below the initial search form, click the "Add Record" button. The add record form displays.

In the Login field, enter a unique username for the member. Login names are case-sensitive so "MARY" and "mary" are unique login names.

In the Password field, enter a password for the member. It is recommended that passwords contain a minimum of 8 letters, numbers and/or other standard 7-bit ASCII characters (extended ASCII characters such as accents should not be used). Passwords are also case-sensitive.

In the Groups field, enter the name of the group or groups that the member belongs to. In designating groups, keep in mind that when including groups only one group can be given access to each page with mgiAuthenticateDB. For example, a member may only belong to the "Member" group, but an administrator may belong to the "Member" group and the "Admin" group such that members and administrators can access any page with the "Member" group parameter in mgiAuthenticateDB, but only administrators can access pages with the "Admin" group parameter in mgiAuthenticateDB. To enter multiple groups, separate each group in the field with a comma (e.g., Member,Admin). You are not required to enter a group if all logins will have access to any password protected page. Only enter groups when you need to differentiate the access of one group from another.

In the Start Date and End Date fields, enter the two-digit month, two-digit day and four-digit year for the time interval when the login and password are valid. The Start Date and End Date are not required, however you could use those fields for fee-based access to sections of a web site.

Finally, to add the member's login, password, group, start date and end date to the authentication database, click the "Submit" button. To add the next member's information, click the "Add Record" button and repeat Step 8 until all members have been added. When an authentication record is added using MGI, a new record is created in the MGI Authentication database that resides in the MGI Data folder. Only use the admin mode of mgiAuthenticateDB to access information in the MGI Authentication database. Do not access this database directly.

Caution: The username and password are both case-sensitive. When you distribute the username and password, note the importance of capitalization.

Step 9: Open each Members Only page in a text editor.

Open each page that you want to password protect in a text editor that allows you to view and modify the HTML.

Step 10: Insert the mgiAuthenticateDB tag.

Insert your cursor after the beginning <BODY> tag and enter the mgiAuthenticateDB tag and group parameter. In the group parameter, enter the name of the group that has access to the page. Only one group may be entered in the group parameter. For example, enter "Member" in the group parameter on Members Only pages. The group parameter is not required. If the group parameter is not included, all logins and passwords entered in the MGI Authentication database can access the page. 
<mgiAuthenticateDB group="Member">

Tip: If you leave the password administration page on the server, you should also password protect it with an mgiAuthenticateDB tag and or an mgiAuthenticate tag. You do not want to give the general public access to the password administration.

Step 11: Save each Members Only page.

Save the changes you have made to each members only page.

Step 12: FTP the Members Only pages to the web server running MGI.

Upload the members only pages from your local computer to the web server using an FTP program.

Step 13: Access a Members Only page with a browser.

Access any Members Only page with a web browser. A dialogue box requesting your Username and Password is displayed. Enter a valid username and password. If a valid username and password is entered, the page is displayed. If an invalid username and password is entered, an error message is displayed.
 
Most current browsers keep the most recent username and password that you enter in memory and transmit that information to the server each time you access a page. Therefore, once you enter a valid username and password for Members Only pages, the correct authentication information is trasmitted to the server automatically and you are not prompted to enter the information again. The browser will not prompt you to enter a new username and password until you visit a page where the current username and password in memory are not valid or until the web browser is restarted.

[Return to the Password Protecting Pages Menu]

[User Guide Main Menu] [Understanding MGI Menu] [Using MGI Menu] [Referencing MGI Menu]