FrankR
Posts: 154
|
| Posted: 04/05/2012, 6:02 AM |
|
We happen to use Windows Security to authenticate a user any time they try to use any of
our internal websites.
Is there a way then to override the CCS login page to mark that person as logged into the CCS app?
I don't want to shut off security - I want to be able make use of CCS's great page security, but I want to be able to achieve that without requiring a second login.
_________________
FR |
 |
 |
mor
Posts: 119
|
| Posted: 04/05/2012, 6:08 AM |
|
If you want to be able use site without requiring a second login every day without shut off security - you can use "Remember Me" feature. By default - 30 days and can be changed. :)
_________________
Mor ve Ötesi |
|
|
|
FrankR
Posts: 154
|
| Posted: 04/05/2012, 6:33 AM |
|
Thanks. But that's not what I meant.
All websites here require a Windows Security login. At that, the person is
Windows authenticated, and that can be examined with various methods.
I want the user to do their Windows Security login. Then I want the CCS app starting,
firing up it's login page, but I want the login page to examine that the person is already
Windows authenticated, set the person as logged into the CCS app, and be able to continue - without actually having the user do the second login.
_________________
FR |
|
|
|
Oper
Posts: 1195
|
| Posted: 04/05/2012, 7:27 AM |
|
There are 3 Session variable you coudl fill using another way/
If you fill those 3 Session variables, you dont need to log in.
Project / Setting / Security / Advanced
Those 3 are the Session Variables. (Set then Manually)
_________________
____________________________
http://www.7bz.com (Free CMS,CRM Developed in CCS)
http://www.PremiumWebTemplate.com
Affiliation Web Site Templates
Please do backup first |
|
|
|
E43509
Posts: 283
|
| Posted: 04/05/2012, 7:43 AM |
|
Here's what I've done and it is more of a 'single signon'
If everyone is allowed to use the web app, I point CCS security settings to a dummy table that I really don't validate against but makes CCS happy.
With windows security, I set my webserver directory to disallow anonymous on my web directory.
My home page has an on initializeview event code that grabs the cgi.auth_user
CFSET MyUser= cg.auth_user
so now I have a validated user
I now set the CCS session variables
CFSET session.UserLogin = MyUser
CFST session.UserId = MyUser
CFSET session.GroupId = 1 (or whatever you have created for groups in security)
Works like a champ.
|
|
|
|
FrankR
Posts: 154
|
| Posted: 04/05/2012, 11:55 AM |
|
Do you keep your pages restricted, though, from CCS?
This app is a single page survey. If I can get it done this weekend, we'll be buying some licenses.
I have tried placing the Session sets in various places, to no avail. It does Not pass through the login screen.
System.Web.HttpContext.Current.Session("UserID") = 1
System.Web.HttpContext.Current.Session("UserLogin") = "frank"
System.Web.HttpContext.Current.Session("GroupID") = 2
_________________
FR |
|
|
|
E43509
Posts: 283
|
| Posted: 04/05/2012, 1:15 PM |
|
Yes, I keep it restricted via CCS
For one app, my initial page is NOT restricted but displays to the user a welcome page saying I think this is you (shows them their cgi auth user info) and says " if this is you please click here to continue" to the page they need to do work on and that page is restricted.
I use the OnInitializeView event on the unrestricted welcome page and set your variables as shown my prior post.
Sooooo maybe for your testing, create a welcome page and set those values as shown in your code snippet and put a simple link on the welcome page to the restricted survey page.
Hope that helps.
|
|
|
|
|
