Ron S.
|
| Posted: 03/04/2003, 5:49 PM |
|
I want to know how to create a Custom Login routine in CCS using ASP on
IIS. I am trying to integrate a CCS App with an existing Member
registration/login system.
Most of the examples I have seen here are for CC /PHP - I could not
find any examples for CCS using ASP.If some one has an example or can point me to one - it would be great.
Thanks
Ron S
|
|
|
 |
nagu
|
| Posted: 03/05/2003, 9:05 AM |
|
In CC, you create a login page - go to events - select custom login and click on 'obtain generated Code' and change that code... Basically put your logic to login and return proper status/error msg. I would think it would be something similar in CCS.
|
|
|
|
Norbert
|
| Posted: 03/05/2003, 4:31 PM |
|
First of all - it is possible. I did it already for test purposes.
I am developing the project that will use that kind of authentication.
But I am going to implement auth functions at the end of project that's way it is hard to present something that is working.
The issue is described here
http://support.codecharge.com/checkemail.asp?case_id=983891757
You have to use:
Request.ServerVariables("LOGON_USER") to get username
Here is the answer from CCS Support I have received some time ago.
Hold - Proposed Solution
Response:
Norbert,
In current CCS version all types of custom security requires modifications in site security functions. It can be done right in the Common.asp file. We haven’t created neither special component nor example for CCS, but it is good idea. From your side you can put a tip or create article at www.gotocode.com to capture the solution and share with other CCS users.
Just a tip. In your case you should edit CCSecurityAccessCheck() function in common file in order to check LOGON_USER there. This function is called in each protected page.
Regards,
Helen
I can't send you a project - i don't have it. I can send working common.asp from portal example or even published and modified portal example.
If you are interested please let me know
Norbert
|
|
|
|
Norbert
|
| Posted: 03/05/2003, 4:45 PM |
|
Let me publish some details in case someone would like to use it.
modified Common.asp
line 13 and next ones:
Dim sDomainLogonName
sDomainLogonName = UCASE(Request.ServerVariables("LOGON_USER"))
Modified functions:
Sub CCSecurityRedirect(GroupsAccess, URL)
Dim ErrorType
Dim Link
'*************************
CheckDomainUserWithDatabase()
'*************************
ErrorType = CCSecurityAccessCheck(GroupsAccess)
'ErrorType = "success"
If NOT (ErrorType = "success") Then
If IsEmpty(URL) Then _
Link = "Login.asp" _
Else _
Link = URL
Response.Redirect(Link & "?ret_link=" & _
Server.URLEncode(Request.ServerVariables("SCRIPT_NAME") & _
"?" & CCRemoveParam(Request.ServerVariables("QUERY_STRING"), "ccsForm")) & "&type=" & ErrorType)
End If
End Sub
Line 1304:
Function CCSecurityAccessCheck(GroupsAccess)
Dim ErrorType
Dim GroupID
ErrorType = "success"
'*********************************************
CheckDomainUserWithDatabase()
'*********************************************
If IsEmpty(CCGetUserID()) Then
ErrorType = "notLogged"
Else
GroupID = CCGetGroupID()
If IsEmpty(GroupID) Then
ErrorType = "groupIDNotSet"
Else
If NOT CCUserInGroups(GroupID, GroupsAccess) Then
ErrorType = "illegalGroup"
End If
End If
End If
CCSecurityAccessCheck = ErrorType
End Function
Function CheckDomainUserWithDatabase()
Dim Result
Dim SQL
Dim RecordSet
Dim Connection
Dim userid, groupid, suserid, sgroupid, DomainLogon
Set Connection = New clsDBinternet
Connection.Open
SQL = "SELECT [user_id], [group_id], [DomainLogon] FROM [users] WHERE [DomainLogon]=" & True & " AND [user_login]='" & UCASE(Request.ServerVariables("LOGON_USER")) & "'"
'& sDomainLogonName & "'"
Set RecordSet = Connection.Execute(SQL)
Result = NOT RecordSet.EOF
If Result Then
userid=RecordSet("user_id")
groupid=RecordSet("group_id")
DomainLogon=RecordSet("DomainLogon")
Session("PortalUserID") = userid
Session("PortalGroupID") = groupid
suserid= Session("PortalUserID")
sgroupid= Session("PortalGroupID")
End If
'debuging
response.write "<script>alert('sDom= " & Replace(sDomainLogonName, "\", "\") & " suserid=" & suserid & " sgroupid =" & sgroupid & " DomainLogon =" & DomainLogon & "');</script>"
RecordSet.Close
Set RecordSet = Nothing
Connection.Close
Set Connection = Nothing
CheckDomainUserWithDatabase = Result
End Function
Function CCLoginUser(Login, Password)
Dim result
'*********************************************************
result = CheckDomainUserWithDatabase()
'*********************************************************
if NOT result then
result = CCLoginUserDatabase(Login, Password)
end if
CCLoginUser = result
End Function
After some time I think that I could do it in a different way, but as I wrote befeore - it was only for test purposes.
How to modify the protal system to work with domain logons?
1. Add DomainLogon (Yes/No) field in users database.
2. Modify 'EditMembers' to include domainlogon checkbox
3. add domain usernames in capitals DOMAIN\USER and check DomainLogon
4. When adding domain user in portal example - password does not matter, but have to be 1 character long at least.
Hope could help you
Norbert
|
|
|
|
|
