Password protection based on share request source

[ilgaspa]

Hello everyone
I still can't understand if it's possible or not, but I'm trying to configure HFS as follows: I use HFS to access my files from my Sony PS3 (wich is part of my home network) and from my computer at work (wich isn't). Normally I'd simply password protect the shares and live happily, but my Playstation3 seems to have problems with the authentication procedure of HFS, so I can't login even if I enter the right username / password. Thus, I'd like to configure HFS as follows:

- Free access to the shares when the request comes from my home network
- Password protection when requests comes from outside

My home network is connected to internet by an ADSL router
Can someone help me? alternatively, some help diagnosing why my PS3 isn't able to login would do

[rejetto]

welcome!

altho i think you should dig further for this login problem of your ps3,
here is a case where comes to hand the new feature i just introduced in last beta version: event scripts.

this is a possible solution, and will require you to be using the last beta version (you find in the "beta" forum).
keep your stuff in a folder "stuff", and create an account "itsme".
put this text inside a text file "hfs.events" near "hfs.exe"

Code: [Select]

[request]
{.if|{.match|/stuff/*|%url%.}|

{.if|{.or|{.%user% = itsme.}| {.match address|10.*;192.168.*|%ip%.} /or.}
|all right, do what you please (this is just an optional comment, heh)
|{:{.disconnect.}:}
./if}

./if}

i DIDN'T test this code, but what it is supposed to do is:
1. act only if the folder is "stuff"
2. then, if the username is "itsme" or the address is your home network, let it pass, else disconnect!

[rejetto]

alternative solution, with no account to be created!

put this text inside the file "hfs.events", like before

Code: [Select]

[request]
{.if|{.match address|10.*;192.168.*;{.load|myOtherIp.txt.}|%ip%.}
|all right, do what you please (this is just an optional comment, heh)
|{:{.disconnect.}:}
./if}

create a virtual folder with a secret name "let_me_enter".
right click on this folder -> hide
right click on this folder -> advanced -> diff template -> enter this text: {.save|myOtherIp.txt|%ip%.}



OK, DONE
what to do?
if you are in your home network, just access your stuff, no password.
if you are in office, FIRST access the folder "let_me_enter". You'll have to type the address manually, because it's hidden! then now you are allowed to access all the rest.

how does it work?
this hfs.events will let pass only your home network and ONE other address. This one address is saved in the file myOtherIp.txt and changes everytime you access the hidden folder "let_me_enter".


.
.
.
all hail the event scripts! 

[rejetto]

Please consider that if your network administrator in your office sniffs your data, he then will be able to  everything, passwords, hidden folders, anything.
I guess such sniffing is not legal in Italy, but you may want to ask before.

Anyway, the amount of data of your office may be too much for this person to waste his time watching it all. In such case, the second method i suggested is more secure, because nothing will appear as a password. It's just a folder, nothing makes it special in the logs.

[ilgaspa]

Thanks  I'll try these scripts as soon as I get home (now I'm at work ) About the safety of the whole thing, I agree with you that I should go for the last solution to avoid any risk in case my traffic is eavesdropped. Another idea I had a few minutes ago was using a VPN connection to my home network when at work, but I guess is a bit overkill...

Speaking of my PS3 problems...I just can't understand what's wrong: when theres no password set, I can access my HFS shares without problems, but when there's a password set I can't go after the "login" dialog. The PS3 correctly recognize that I need to enter a login and a password, I enter them and then the HFS page stays forever in "loading" state... O_o

[rejetto]

i have no ps3, and can't test. Google for it, if you didn't yet.

I don't think the VPN is overkilling, because it would give you total security.
The best solution IMO.
I didn't think of it because i had to advertise this new feature

[r][m]

Its been a long time since we worked with the PS3,
but I think I remember the PS3 browser doesn't have
the same capabilities as the computer browsers like
Firefox, etc, unless you have loaded linux on it as OS.
The PS3 would "see" HFS pages, but do little more than that.

[ilgaspa]

You're right about the fact the PS3 browser is limited, but it handles well enough anything wich doesen't make an heavy use of javascript or ajax it can handle hfs pretty well and in fact a lot of people use hfs to transfer files from pc to the ps3 because browser downloads can go on in background while playing games, whilst copying from a cd/usb drive or from an upnp share can't be done in background Without a password set, hfs works perfectly: it's only when there's a password that I have problems... however it seems that other people on the net are able to use hfs with password protection on their PS3 without problems, so I'm the one doing something wrong O_o

[ilgaspa]

First things first, thank you all for your help: I managed to find what was the problem with the login process on my PS3! I think this should be added to the faq as it isn't as obvious as it could seem O_o well... the problem was THE TEMPLATE! I still have test a little more, but it seems that with the default template I can login correctly, whilst when using Terayon I can't! So a good way to fix login problems is to switch to default template and see if, at least this way, you're able to login correctly! ^_^

[rejetto]

thank you for reporting.
let us know if you find more details please.