| 摘要 |
A system and method are provided for segregating access to dynamic content on multiple websites hosted by a web server. When a request is received for dynamic content from a website, a UserRetriever module identifies a path to the content and retrieves a username and password corresponding to the website, from a database that is separate from the web server and used for other purposes (e.g., billing). A UserImpersonator module requests a logon handle for that username from a logon cache manager. The logon handle is used to associate the request with the impersonated user account instead of the default anonymous user account with which the request was initially associated. The dynamic content is retrieved and served under the context of the restricted impersonated user account session, after which the applied logon handle is stripped off and the request is re associated with the default anonymous user account. Start End Viewer requests script Strip username security (e.g., x.php) context; reattach default Request received at web Run script engine to retrieve server and run script Attach request to thread Login thread as username, set 206 new security context Retrieve username & password ----- based on requested content |
