Doorman readme document, October 12, 1997 by Dino Morelli.

Doorman site security applet

Contents

What is Doorman?
Installation
File list
Known problems
Feedback
Revision history

What is Doorman?

Doorman is a Java security applet which will allow you to limit access to pages on your website.

Typically, access issues are handled with forms for password and/or username entry which then feed into cgi code on the server-side.

But with Doorman, security is handled entirely on the client-side.

If you need to limit access to pages on your site and either can't or don't want to get involved with cgi on your server, this applet is for you.

Doorman was included in PC WEEK's Jeff's Internet Adventures article on cool Java applets in the May 25, 1997 edition. See the article here.

Highlights:

• Compliant with the Java 1.02 API and is "clean" i.e. has been tested in a number of browsers.
• No programming knowledge required for installation and use. All interaction with the applet is via a documented text "command" file.
• Supports both locked and unlocked pages -- you decide which parts of your site are to be protected.
• Foreground and background colors are customizable allowing you to make Doorman look good with the rest of your pages.
• Will play sound files (.au format) to indicate that a link is locked or that a link is being loaded. Sample sounds provided on the Get It Now! page.

Drawbacks:

• Doorman cannot actually inhibit the server from giving someone a page. Doorman works by deciding to tell or to not tell the browser to load a document into a frame.
  There is nothing I can do further than that without CGI access, which is what Doorman was created to specifically not rely on.
  In short, this applet is not bullet-proof. Not many things are, but CGI programming on the server is much more secure. If you need this kind of security, then Doorman is probably not for you.
• The TransKey utility which encrypts/decrypts the key file is by necessity a stand-alone Java application. This means that anyone wishing to use Doorman at all will have to get and install a Java runtime for their platform. If you have one already, then this is not a problem. If you run Java applications on your system outside of a browser, then you have one already. Otherwise, this will require an additional download. Use the Java Runtime Environment from Sun (~2.5M download for Win32) http://java.sun.com/products/jdk/1.1/jre/index.html
• Doorman was designed to be used in a frame-based site. Frames are not absolutely necessary, though.

Installation

In order to use Doorman, follow these steps:

1. Modify your html to make your site use the proper applet tagging. See the example html documents in the \Doorman\ directory, they show how this is done and are fully functional.

2. Modify a copy of the Doorman.txt file (one is provided in the \Doorman\ directory) to reflect what password, pages and access to those pages you'd like.

3. Run TransKey on it. i.e. at the command prompt in the \Doorman\ directory:
   TransKey -e -p:yourpass Doorman.txt
   This batch file takes advantage of the JRE which is Sun's Java Runtime Environment. It gives your machine Java application capability. Get the JRE (~2.5M) at http://java.sun.com/products/jdk/1.1/jre/index.html
   NOTE: the password used in the command line for TransKey is pretty much arbitrary and has nothing to do with the password that you actually typed into the Doorman.txt file. Its purpose is to prevent someone from decoding your key file and reading your user password.

4. Make sure ALL of the .class files in the \Doorman\ directory and the file Doorman.jar are uploaded to your website in the same place that your pages will live. In the future, as more browsers become Java 1.1 compliant, the .class files will not be necessary. If you know for a fact that your users will use a 4.xx or later browser for access, all you need to upload is the Doorman.jar file.

5. Upload the Doorman.key file that was made with TransKey as well.

File list

\Doorman

AboutDialog.class

Assert.class

BlockCipher.class

BlowfishCipher.class

CbcBlockCipher.class

Cipher.class

CryptoUtils.class

DoorData.class

DoorDataStorage.class

Doorman.class

Doorman.jar

Doorman.key

Doorman.txt

Doorman_readme.html

DoorUtils.class

EncryptedInputStream.class

Fmt.class

index.html

LabelCanvas.class

left.html

LinkInfo.class

LinkPanel.class

ListEx.class

main.html

SelectionEvent.class

StatusPanel.class

StreamCipher.class

test1.html

TransKey.bat

TransKey.jar

Utils.class

Known problems

-(none at the moment, let me know if you have any)

Feedback

Doorman author: Dino Morelli (dmorelli@ct1.nai.net)
Doorman home site: http://w3.nai.net/~dmorelli/Doorman/index.html
Encryption code provided by Jef Poskanzer at Acme Software

Doorman revision history

Doorman project special notes for this version:

-Significant changes have been made to the file i/o in both the applet and the TransKey utility. This means that your old key file will not work with this version. Make sure you run your Doorman.txt file through TransKey even if you choose to not edit it at this time.

Doorman applet v1.08

-Added ARCHIVE parameter to APPLET tagging for newer (read 4.xx) browsers to use the jar file format. Note: this appears to not work correctly in IE3.02 much to my disappointment. IE 3.xx versions should be disregarding the ARCHIVE parameter in the APPLET tagging, they're not.

-A change was made to deal gracefully with blank lines in the Doorman.txt file. You can now place blank lines freely in your Doorman.txt file and the bug with blanks at the end of the Doorman.txt file is fixed.

-Applet now no longer generates multiple About dialogs. Only one is allowed at a time (as it should be).

-Fixed error that would sometimes occur with Netscape if the user decided to not use audio clips.

Doorman applet v1.07

-Switched over to an enhanced encryption scheme. Much more secure.

-Custom colors can now be used for the foreground (mainly text items) and background. This is done via two lines in the key file, and is documented in Doorman.txt

Doorman applet v1.06

-Added About dialog to applet.

-Added encryption to the Doorman.key file. This works in conjunction with the TransKey utility to encrypt/decrypt a text source key file.

Doorman applet v1.05

-Added sound capability. Both an 'access denied' and 'accessing' sound are supported.

Doorman applet v1.04

-Made the applet a little more memory-efficient at runtime. This is an internal adjustment, nothing would look any different to the user.

Doorman applet v1.03

-Text at the bottom of the applet now changes to reflect 'status' as well as the applet's name.

-'Enter password' text now changes to 'Logged in' after successful login.

Doorman applet v1.02

-'Enter' key now works when entering a password (as opposed to requiring the Ok button be pushed).

-Listbox now responds to double-clicks.

-Removed Go! button altogether, it's not needed with double-click support in place.

-Switched the listbox and password panels' places in the applet frame.

Doorman applet v1.01

-Made some more descriptive status-line messages in Doorman.

-Changed font in listbox to TimesRoman, Bold, 14pt. It was a very, very small Ariel before.

Doorman applet v1.00

-Initial release.

TransKey application v1.02

-TransKey is now a Java 1.1 application and is packed in a jar archive file. This means that you need to use the JRE 1.1.4 (or later) to run it. Installing the JRE is a good thing in general and will allow you to run Java applications freely on your system. It's a relatively small one-time download of ~2.5M. The JRE is available at http://java.sun.com/products/jdk/1.1/jre/index.html

TransKey application v1.01

-Switched over to an enhanced encryption scheme. Much more secure.

-Fixed bug in the way the webmaster password length was stored. This was limiting the password to 9 chars or less. Now webmaster password can be up to 32 characters in length.

TransKey application v1.00

-Initial release.

---

This page was created Sunday, October 12, 1997. © copyright 1997 Dino Morelli.