Re: Form Authentication

This WebDNA talk-list message is from

2000


It keeps the original formatting.
numero = 35585
interpreted = N
texte = Kalin Mintchev wrote:Hi, Kalin, here are my comments. First I assume that you are giving access through the form login to pages protected to a specific group. Let's say it is the group DEMO> this is what i do: > page #1: > form with input names password and username, action=logon1.html.OK. BTW in my specific implementation I use a members.db that I manage separately from the WebCat users.db. (I do not encrypt username and password in it). As you seems using a db.db maybe you should also try the easy way first and then encrypt everything when ot works. > page #2: logon1.html > [showif NotFound=[lookup > db=/db/db.db&lookinField=user&value=[username]&returnField=user¬Found=NotFound]] > [redirect page1.html] > [/showif] > [showif [password]![lookup > db=/db/db.db&lookinField=user&value=[username]&returnField=pass¬Found=NotFound]] > [redirect page1.html] > [/showif] > [search > db=/db/db.db&groupsword=ww&wogroupsdatarq=DEMO&equserdatarq=[username]&eqpassdatarq=[password]] ^^^^ Or pass a [groups] value from the previous page. BTW You also have to pass it to all following pages. > [showif [numFound]=0] > [redirect page1.html] > [/showif] > [/search] > [redirect > http://[encrypt][username]:[password][/encrypt]@www.mysite.com/login2.html]Change this: [redirect http://[username]:[password]@www.mysite.com/login2.html]> page #3: logon2.html > in the header: > HTTP-EQUIV=REFRESH CONTENT=0;URL=http://www.mysite/protected.html> > the protected page has this in it:You can simply use [protect DEMO] instead of all this:> [showif NotFound=[lookup > db=/db/db.db&lookinField=user&value=[username]&returnField=user¬Found=NotFound]] > [authenticate Unauthorized User] > [/showif] > [showif [password]![lookup > db=/db/db.db&lookinField=user&value=[username]&returnField=pass¬Found=NotFound]] > [authenticate Unauthorized User] > [/showif] > [search > db=/db/db.db&groupsword=ww&wogroupsdatarq=[groups]&equserdatarq=[username]&eqpassdatarq=[password]] > [showif [numFound]=0] > [authenticate Unauthorized User] > [/showif] > [/search]Hope I could help. Brice -- Brice Le Blevennec, Digerati, ListDad, Ex Machina Interactive Architects S.A., Ex Nihilo Uno S.A. & Ex Machina Graphic Design S.P.R.L. Ex Machina Television SPRL NetBusiness S.A. ContactOffice Arkaos S.A. X-Pose 2.0 & Visualizer ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: Form Authentication (Kalin Mintchev 2000)
  2. Re: Form Authentication (Brice Le Blevennec 2000)
  3. Re: The Form authentication trick (John Butler 2000)
  4. Re: The Form authentication trick (Kenneth Grome 2000)
  5. Re: The Form authentication trick (John Butler 2000)
  6. Re: The Form authentication trick (Glenn Busbin 2000)
  7. Re: The Form authentication trick (Kalin Mintchev 2000)
  8. Re: The Form authentication trick (ShrPAUL1@aol.com 2000)
  9. Re: The Form authentication trick (Kalin Mintchev 2000)
  10. Re: The Form authentication trick (John Butler 2000)
  11. Re: The Form authentication trick (Kalin Mintchev 2000)
  12. Re: The Form authentication trick (Kalin Mintchev 2000)
  13. Re: The Form authentication trick (Webcat 2000)
  14. Re: The Form authentication trick (John Butler 2000)
  15. Re: The Form authentication trick (Kalin Mintchev 2000)
  16. Re: The Form authentication trick (Kalin Mintchev 2000)
  17. Re: The Form authentication trick (Kalin Mintchev 2000)
  18. Re: The Form authentication trick (John Butler 2000)
  19. Re: The Form authentication trick (Kalin Mintchev 2000)
  20. Re: The Form authentication trick (John Butler 2000)
  21. Re: The Form authentication trick (Kalin Mintchev 2000)
  22. Re: The Form authentication trick (John Peacock 2000)
  23. Re: The Form authentication trick (Bob Minor 2000)
  24. Re: The Form authentication trick (John Butler 2000)
  25. Re: The Form authentication trick (Kalin Mintchev 2000)
  26. Re: The Form authentication trick (Brice Le Blevennec 2000)
  27. Re: The Form authentication trick (John Butler 2000)
  28. Re: The Form authentication trick (Kenneth Grome 2000)
  29. Re: The Form authentication trick (John Butler 2000)
  30. Re: The Form authentication trick (Kenneth Grome 2000)
  31. Re: The Form authentication trick (John Butler 2000)
  32. The Form authentication trick (Brice Le Blevennec 2000)
Kalin Mintchev wrote:Hi, Kalin, here are my comments. First I assume that you are giving access through the form login to pages protected to a specific group. Let's say it is the group DEMO> this is what i do: > page #1: > form with input names password and username, action=logon1.html.OK. BTW in my specific implementation I use a members.db that I manage separately from the WebCat users.db. (I do not encrypt username and password in it). As you seems using a db.db maybe you should also try the easy way first and then encrypt everything when ot works. > page #2: logon1.html > [showif NotFound=[lookup > db=/db/db.db&lookinField=user&value=[username]&returnField=user¬Found=NotFound]] > [redirect page1.html] > [/showif] > [showif [password]![lookup > db=/db/db.db&lookinField=user&value=[username]&returnField=pass¬Found=NotFound]] > [redirect page1.html] > [/showif] > [search > db=/db/db.db&groupsword=ww&wogroupsdatarq=DEMO&equserdatarq=[username]&eqpassdatarq=[password]] ^^^^ Or pass a [groups] value from the previous page. BTW You also have to pass it to all following pages. > [showif [numFound]=0] > [redirect page1.html] > [/showif] > [/search] > [redirect > http://[encrypt][username]:[password][/encrypt]@www.mysite.com/login2.html]Change this: [redirect http://[username]:[password]@www.mysite.com/login2.html]> page #3: logon2.html > in the header: > HTTP-EQUIV=REFRESH CONTENT=0;URL=http://www.mysite/protected.html> > the protected page has this in it:You can simply use [protect DEMO] instead of all this:> [showif NotFound=[lookup > db=/db/db.db&lookinField=user&value=[username]&returnField=user¬Found=NotFound]] > [authenticate Unauthorized User] > [/showif] > [showif [password]![lookup > db=/db/db.db&lookinField=user&value=[username]&returnField=pass¬Found=NotFound]] > [authenticate Unauthorized User] > [/showif] > [search > db=/db/db.db&groupsword=ww&wogroupsdatarq=[groups]&equserdatarq=[username]&eqpassdatarq=[password]] > [showif [numFound]=0] > [authenticate Unauthorized User] > [/showif] > [/search]Hope I could help. Brice -- Brice Le Blevennec, Digerati, ListDad, Ex Machina Interactive Architects S.A., Ex Nihilo Uno S.A. & Ex Machina Graphic Design S.P.R.L. Ex Machina Television SPRL NetBusiness S.A. ContactOffice Arkaos S.A. X-Pose 2.0 & Visualizer ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ Brice Le Blevennec

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Extended [ConvertChars] (1997) WebCat2 beta FTP site (1997) SQL Changes in 3.0.7? (2000) WebCat2 Append problem (B14Macacgi) (1997) WebCat2 beta 11 - new prefs ... (1997) Virtual Postcards (1998) More on the email templates (1997) creating an index based on first letter of word in specificfield in database (2002) Separate server for jpg/gif files (1998) creator code (1997) [WebDNA] Press Release (2008) WebCatalog can't find database (1997) Cookies (1999) [OT] Favourite Firefox Extensions (2004) [OT] authenticate with email server (2004) Sandbox Administation (2003) Last freebie (1998) can you take a look (2003) WCS Newbie question (1997) Re:Searching for ALL / empty form field (1997)