I am using an NT server 4.0, with O'Reilly Website

2.0, and OI 3.61 to develop external dynamic web publishing.

All is working well and I am starting to work on access security. I

could control some of this through NT but I prefer to do so through

O'Reilly and that is already working fine for basic security. Users

can log on and if they have been manually placed in the O'Reilly Website user list with password all is well when they respond to the

authentication dialog window (name / password).

My thought is to do more detailed user access management through

OI. I will have a database of users with various fields against which

security / access / billings can be evaluated.

My problem is to capture the user/password information from the

first exchange on login and get that information into OI so that I can

then determine how to respond to the authenticated user via oicgi. I realize that I could set up my own FORM for login and could then capture the reply but this would then completely bypass the O'Reilly feature with its own security advantages.

I have the impression that the answer to this is very easy – just

that I do not have the right angle on it. My sense is that this information must be stored somewhere before control is passed by the

server to OI – and in this sense it is not an OI question but one relating to O'Reilly.

Any thoughts

View this thread on the Works forum...