It is important to be careful of site naming conventions within protected areas to make the user experience as smooth as possible. In particular, even if you have set both www.example.com and example.com to refer to the same server, it important that links within protected areas be consistently named with one server name, or identified without the server name by path only. This arises because of the way browsers interpret the application of cached credentials as they encounter requests ...

The rapid adoption by organizations of WWW services as a channel to reach wider audiences and as a tool to conduct business has led to security challenges which were not anticpated in the original research orientation of such services. In particular, it was not forseen that it would necessary to restrict access from the public at large.

At the point that a business begins to use a WWW service to publish materials that are to be restricted from general public access it needs to implement security measures to ensure that the material is accessible only to those sanctioned by the organization as authorized users. These users may include the specific segments of the public in general, such as subscription membership sites, or may be restricted to internal groups such as employee portals for workforces deployed in the field ...