Dave Rexel
|
| Posted: 03/21/2002, 1:05 PM |
|
Perhaps a 3rd way:
-add app_name field to users table in each app
-fill in unique name for each app (this could be split off in a large
structure to lookup table)
-on each apps login succesful generate a session for this field
-check för this session variable in suitable place in each app
-if the session_variable does not match the value set for app
-redirect the user to the requested apps login page
but dont destroy/overwrite their old session until successful relogin
(this will allow the user to return to their previous app if needed
without re-login)
this will stick even after recompiling
"William Raymond" <braymond@officecollab.com> wrote in message
news:a43qlk$q3g$1@news.codecharge.com...
> Hello,
>
> I have a web server with a number of applications and a few different
> databases. Unfortunately, CC security does not care what
> database/application you were connected to, if you are suddently heading
off
> to another application/database. For example, a user on the website has a
> login name and password with CC Level 1 security. The user decides to go
to
> another application, with another database, but the username/password is
the
> same.
>
> At the second point, where the customer is heading over to the new
> application, I would like CodeCharge to force this user to login again,
even
> if the user is going to a link that was saved in their Favorites.
>
> I am thinking this would take some adjustments to the code handling the
> UserID session variable, but I do not know the best approach to handling
> this.
>
> Thanks,
>
> -Bill
>
> --
> Bill Raymond
> Project MVP
>braymond@officecollab.com
> Office Collaborators, Inc.
>
>
>
>
|
|
|
 |
|
