chris
Posts: 16
|
| Posted: 05/14/2004, 7:58 AM |
|
Hi,
I am fairly new to CCS, and I built some applications with user-authentication. I want to group the applications, by calling them from a (I call it a) Portal.
I want to keep my existing appl with the built-in user mgt (I always use the same structure for all appls)
So my default entry would be the Portal-page, where I logon in, depending on my login, I would display a number of apps, I can access. If I click on the link, I should access the existing appl, but because I authenticated already on the portal page, I would not want to get prompted again for the login-screen of the appl, but pass the user-name/group-name to that appl.
Is this possible, and can I pass the information and prevent the appl from requesting authentication ?
thx,
Chris
WinXP IIS/PHP/MySQL
|
 |
 |
peterr
Posts: 5971
|
| Posted: 05/14/2004, 9:45 AM |
|
If all your applications are on the same server and all applications utilize the same Session variable names (Project -> Settings -> Security -> Advanced) then single login should work automatically, meaning that logging into one application will create the server session variables, which will be present in all other applications.
_________________
Peter R.
YesSoftware Forums Moderator
For product support please visit http://support.yessoftware.com |
|
|
|
chris
Posts: 16
|
| Posted: 05/16/2004, 9:22 AM |
|
Thx Peter,
It worked ! But you need to have the same domain-name ! In my initial tests I mixed LOCALHOST and my real DOMAIN-name, then it did not work !
Chris
|
|
|
|
peterr
Posts: 5971
|
| Posted: 05/16/2004, 2:15 PM |
|
I remember that when using ASP (or rather IIS) it works across multiple domains, which actually can be a security risk and not everyone is happy about this. Therefore I guess this may not work with all programming languages. This is actually good since I'm sure that most people don't want other Websites on the same server to read their users' login information. The security on the Web must be very tight and this is also the reason that one Website cannot read cookies on your computer that were created by another Website.
Due to such general Web security considerations I'm actually not sure what is and what is not possible. Your question is not really related to CCS therefore I would look for answeres elsewhere, for example on Google.
It's actually possible that PHP or Apache itself can be configured to allow what you need.
Possibly someone else on this forum will offer ideas or a proven solution.
_________________
Peter R.
YesSoftware Forums Moderator
For product support please visit http://support.yessoftware.com |
|
|
|
chris
Posts: 16
|
| Posted: 06/21/2004, 7:45 AM |
|
Peter,
I still have a problem; you're right when you state that user-id and group-id are passed via the session variables. But this gives me the following problem: in appl A user 1 belongs to group X, in appl B user 1 belongs to group Y: when you go from appl A to appl B, the group is not re-checked; e.g. user 1 will belong to group X, if you go from appl A to appl B.
What I need is some mechanisme to reset the group to it's correct (local) value depending on the application: The first time I access an application, the user is authenticated and the correct group is picked up; if I go from there to another application, it should use the already authenticated user to pick up the correct group.
I assume, that to do this, I need to change the standard CC behavior ?
Do you have any idea, how to solve the above ?
thx,
Chris
|
|
|
|
peterr
Posts: 5971
|
| Posted: 06/21/2004, 11:43 AM |
|
I don't think that you need to change the standard CCS behavior. You could add some code at the end of Common.asp to check which Website the user is at, check the group session, maybe even create a new session variable that tells you which Website the user is at so that you don't need to verify the group each time.
This is just my brief analysis but I'd have leave the implementation to you.
_________________
Peter R.
YesSoftware Forums Moderator
For product support please visit http://support.yessoftware.com |
|
|
|
|
