make webserver password protect

Using Arduino Programming Questions
1

i want to protect my web server for secure control

#include <SPI.h>
#include <Ethernet.h>

byte mac[] = { 0xDE, 0xAD, 0xBE, 0xEF, 0xFE, 0xED }; //physical mac address
byte ip[] = { 192, 168, 1, 170 }; // ip in lan (that's what you need to use in your browser. ("192.168.1.178")
byte gateway[] = { 192, 168, 1, 1 }; // internet access via router
byte subnet[] = { 255, 255, 255, 0 }; //subnet mask
EthernetServer server(80); //server port
String readString;

void setup() {
// Open serial communications and wait for port to open:
Serial.begin(9600);
while (!Serial) {
; // wait for serial port to connect. Needed for Leonardo only
}
pinMode(4, OUTPUT);

// start the Ethernet connection and the server:
Ethernet.begin(mac, ip, gateway, subnet);
server.begin();
Serial.print("server is at ");
Serial.println(Ethernet.localIP());
}

void loop() {
// Create a client connection
EthernetClient client = server.available();
if (client) {
while (client.connected()) {
if (client.available()) {
char c = client.read();

//read char by char HTTP request
if (readString.length() < 100) {
//store characters to string
readString += c;
//Serial.print(c);
}

//if HTTP request has ended
if (c == '\n') {
Serial.println(readString); //print to serial monitor for debuging

client.println("HTTP/1.1 200 OK"); //send new page
client.println("Content-Type: text/html");
client.println();
client.println("");
client.println("");
client.println("");
client.println("");
client.println("USER NAME:
");
client.println("PASSWORD:
");
client.println("");
client.println("");

if (readString.indexOf("firstname") =='rahul')
if (readString.indexOf("pwd")=='rdr')
{

client.println("

second year project

");
client.println("

survilance robo

");
client.println("
");
client.println("
");
client.println("

Arduino with Ethernet Shield

");
client.println("
");
client.println("<a href="/?button1on"">Turn On LED");
client.println("<a href="/?button1off"">Turn Off LED
");
client.println("
");
client.println("
");
client.println("

Created by Rahul . available at rdr.rahul7@gmail.com

");
client.println("
");

}
client.println("");
client.println("");
delay(1);
//stopping client
client.stop();
//controls the Arduino if you press the buttons
if (readString.indexOf("?button1on") >0){
digitalWrite(4, HIGH);
}
if (readString.indexOf("?button1off") >0){
digitalWrite(4, LOW);
}

//clearing string for next read
readString="";

}
}
}
}
}

this is my code ,
help me with my look on it

and itz important that i am new to ethernet shield

2

Regardless of what the client asked for, send back the login page. Why?

3

I suggest you figure out how to do that with a PC based web server application and when you have figured it out you can transfer the concept to your Arduino project.

How secure do you want it to be? Web security is a complex subject - but Google will find a lot of info about it.

You will probably need cookies to maintain state between calls to your server - unless the client is required to authenticate every time.

...R

4

Sending your password as clear text more or less defeats the purpose of having a login in page.