Rob Huelsman
|
| Posted: 06/22/2001, 12:56 PM |
|
I'm building a Help Desk application for our intranet and would like to use
the NT account for authentication. I think the basic code for detecting the
NT account is:
pos=InStr(Request.ServerVariables("LOGON_USER"), "\") + 1
NTUser = Lcase(Mid(Request.ServerVariables("LOGON_USER"), pos))
Our intranet is IIS based and all client browsers are required to use IE
5.5. Detecting the NT account seems to work ok, but I need to pass the
account to the Custom Authentication Event in Modules. I would like to use
the security level model in Code Charge (1=Customer, 2=Technician,
3=Manager) for each page. I have a separate table for the Technicians and I
store their security level in that table.
My needs seem similiar to the Code Charge sample projects, with the NT
account being substituted for the Session("UserID"). I am new to Code Charge
and am not sure how to create a custom authentication system using the NT
account.
Any help would be greatly appreciated.
Rob Huelsman
128th ARW/SC
|
|
|
 |
CodeCharge
|
| Posted: 06/22/2001, 5:08 PM |
|
You may replace CodeCharge Login functionality with your own, in Login Form
properties of your Login page.
Basically, you may modify the generated code and plug it back into
CodeCharge.
Here is the sample code generated by CodeCharge, which you may modify and
plug into "Custom Login" Event:
==================================
sLogin = GetParam("Login")
sPassword = GetParam("Password")
bPassed = CLng(DLookUp("users", "count(*)", "user_login =" &
ToSQL(sLogin, "Text") & " and user_pass=" & ToSQL(sPassword, "Text")))
if bPassed > 0 then
' Login and password passed
Session("UserID") = CStr(DLookUp("users", "user_id", "user_login ="
& ToSQL(sLogin, "Text") & " and user_pass=" & ToSQL(sPassword, "Text")))
Session("UserRights") = CLng(DLookUp("users", "user_sec_lev",
"user_login =" & ToSQL(sLogin, "Text") & " and user_pass=" &
ToSQL(sPassword, "Text")))
sQueryString = GetParam("querystring")
sPage = GetParam("ret_page")
if not(sPage = request.serverVariables("SCRIPT_NAME")) and
not(isEmpty(sPage)) then
response.redirect(sPage & "?" & sQueryString)
end if
response.redirect("index.asp")
else
sloginformErr = "Login or Password is incorrect."
end if
Parse "Formloginform", False
==================================
All you need is to create bPassed variable using your own function instead
of:
bPassed = CLng(DLookUp("users", "count(*)", "user_login =" & ToSQL(sLogin,
"Text") & " and user_pass=" & ToSQL(sPassword, "Text
and setup your own "UserID" and "UserRights" sessions instead of
Session("UserID") = CStr(DLookUp("users", "user_id", "user_login =" &
ToSQL(sLogin, "Text") & " and user_pass=" & ToSQL(sPassword, "Text")))
Session("UserRights") = CLng(DLookUp("users", "user_sec_lev", "user_login
=" & ToSQL(sLogin, "Text") & " and user_pass=" & ToSQL(sPassword, "Text")))
You may need to experiment little bit initially to test your functions.
"Rob Huelsman" <robert.huelsman@wimilw.ang.af.mil> wrote in message
news:9h07sl$504$1@news.codecharge.com...
> I'm building a Help Desk application for our intranet and would like to
use
> the NT account for authentication. I think the basic code for detecting
the
> NT account is:
>
> pos=InStr(Request.ServerVariables("LOGON_USER"), "\") + 1
> NTUser = Lcase(Mid(Request.ServerVariables("LOGON_USER"), pos))
>
> Our intranet is IIS based and all client browsers are required to use IE
> 5.5. Detecting the NT account seems to work ok, but I need to pass the
> account to the Custom Authentication Event in Modules. I would like to use
> the security level model in Code Charge (1=Customer, 2=Technician,
> 3=Manager) for each page. I have a separate table for the Technicians and
I
> store their security level in that table.
>
> My needs seem similiar to the Code Charge sample projects, with the NT
> account being substituted for the Session("UserID"). I am new to Code
Charge
> and am not sure how to create a custom authentication system using the NT
> account.
>
> Any help would be greatly appreciated.
>
> Rob Huelsman
> 128th ARW/SC
>
>
|
|
|
|
|
