JavaScript
  Home arrow JavaScript arrow Building a CHAP Login System: Coding Serve...
Dev Articles Forums 
ADO.NET  
Apache  
ASP  
ASP.NET  
C#  
C++  
ColdFusion  
COM/COM+  
Delphi-Kylix  
Design Usability  
Development Cycles  
DHTML  
Embedded Tools  
Flash  
Graphic Design  
HTML  
IIS  
Interviews  
Java  
JavaScript  
MySQL  
Oracle  
Photoshop  
PHP  
Reviews  
Ruby-on-Rails  
SQL  
SQL Server  
Style Sheets  
VB.Net  
Visual Basic  
Web Authoring  
Web Services  
Web Standards  
XML  
Mobile Linux 
App Generation ROI 
IBM® developerWorks 
Weekly Newsletter
 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us Get Paid 
Request Media Kit
Contact Us 
Site Map 
Privacy Policy 
Support 
 USERNAME
 
 PASSWORD
 
 
  >>> SIGN UP!  
  Lost Password? 
JAVASCRIPT

Building a CHAP Login System: Coding Server-Side Random Seeds
By: Alejandro Gervasio
  • Search For More Articles!
  • Disclaimer
  • Author Terms
    		•
    Rating: 5 stars5 stars5 stars5 stars5 stars / 14
    2005-09-06

    Table of Contents:
  • Building a CHAP Login System: Coding Server-Side Random Seeds
  • Stepping back: a quick look at the previous CHAP login system
  • Moving forward: Improving the random seed generator
  • Refactoring the CHAP login system: Adding functionality to the JavaScript program
    		•

    Rate this Article: Poor Best 
      ADD THIS ARTICLE TO:
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article
    		 
     
    ADVERTISEMENT

    Building a CHAP Login System: Coding Server-Side Random Seeds
    (Page 1 of 4 )

    Welcome to the second part of “Building a CHAP login system.” In three parts, this series introduces the basics of building a web-based login system that uses the Challenge Handshake Authentication Protocol (hence the CHAP acronyms), explaining its benefits, and exploring its implementation.

    Introduction

    In the previous part of the series, I provided you with core concepts related to client-side data encryption, through the implementation of the MD5 hashing algorithm in JavaScript. I also provided you with the basic requirements for building a login system, which offers a greater level of security compared to the vast majority of such systems found on the Web that usually transmit data in an unencrypted way.

    At this point, hopefully you’ve understood the advantages and drawbacks of working with user-provided data, which is hashed in the client domain, and later transmitted for authentication on the server. As I previously discussed in the first part of the series, the most significant benefit of implementing such as system is obviously the fact that data encryption is performed via JavaScript, without the need to look at other solutions, such as https.

    On the other hand, the use of JavaScript as the core encryption method reveals the strong dependency on scripting-enabled browsers for this technique to be successfully implemented. As you can see, good things come at a cost, and this one is no exception.

    With the key concepts well understood, over this second part, attention will be turned to the server side, where authentication takes place. For this purpose, I’ll be illustrating some methods for generating random seeds, ranging from simple semi-random string generators to slightly more complex procedural approaches. Since all of the server source code will be developed in PHP, it shall be extremely easy to adapt it to working with the language of your choice.

    Next: Stepping back: a quick look at the previous CHAP login system >>
     

    More JavaScript Articles
    More By Alejandro Gervasio


       · The second part of the tutorial looks at several methods to code server-side random...
     
    >>> Post your comment now!

    JAVASCRIPT ARTICLES

    - Validating Digits and Dates with jQuery`s Va...
    - Validating Ranges, Emails, and URLs with jQu...
    - More Uses for the jQuery Tooltip Plug-in`s b...
    - Building Image-Based Tooltips with the jQuer...
    - Using the jQuery Tooltip Plug-in`s bodyHandl...
    - Using Rangelength, Min and Max with the Vali...
    - Using Minlength and Maxlength with the Valid...
    - Modifying Tooltip Coordinates with the jQuer...
    - Applying a Fade Out Effect with the jQuery T...
    - Tracking Mouse Movements with the jQuery Too...
    - Checking Online Forms with the Validator jQu...
    - Nested JavaScript Functions as Objects
    - The jQuery Tooltip Plug-in
    - Active Client Pages at the Server
    - ACP Tab Web Page
    Find More JavaScript Articles






    © 2003-2009 by Developer Shed. All rights reserved. DS Cluster 1 Hosted by Hostway
    Stay green...Green IT