Robert
|
| Posted: 02/20/2002, 1:38 PM |
|
I have a CC generated application that uses security and has it's own users table. However, there are instances where I wish to launch the CC application from a non CC application. I plan to do so by providing a link, and including the user_id in a parameter. This needs to call a page in the CC generated app that does a lookup against a different table in a different database, and if the user is authorized I need to bypass security but set whatever security session variables exist to the appropriate level.
I don't understand the CC security model at all so have no sense how to accomplish this ...
Any thoughts ??
Thank you in advance !
-Robert
|
|
|
 |
Ken Hardwick
|
| Posted: 02/20/2002, 2:52 PM |
|
You didn't mention which language you use..I use ASP and here is one way.
1)In one of your login forms,open the the "custom Login" event. Then click on obtain generated code. Copy this code to your clipboard.
Cancel to avoid saving this change.
2)Then this code into your page "open event"
It is going to look like...
Note at the very top is two parameters..so, just pass these params to this page..
www.xyz.com/bypass.asp?Login=ZKEH1&Password=mypassword
and if login and password are valid the login will be successfull.
By the way, I spend a lot of time logging in/out of the various applications
that am designing. I had not thought of doing this..but thanks to your question,
I can now save myself a lot of time..by just putting my login page link
with parameters in my favorites...and put this code in that page..at least while I am doing the development.
Happy CodeCharging...
Ken@KenHardwick.com
Norman,OK
'***************************************************************************
sLogin = GetParam("Login")
sPassword = GetParam("Password")
bPassed = CLng(DLookUp("members", "count(*)", "member_login =" & ToSQL(sLogin, "Text") & " and member_password=" & ToSQL(sPassword, "Text")))
if bPassed > 0 then
'-------------------------------
' Login and password passed
'-------------------------------
Session("UserID") = CStr(DLookUp("members", "member_id", "member_login =" & ToSQL(sLogin, "Text") & " and member_password=" & ToSQL(sPassword, "Text")))
Session("UserRights") = CLng(DLookUp("members", "security_level", "member_login =" & ToSQL(sLogin, "Text") & " and member_password=" & ToSQL(sPassword, "Text")))
cn.Close
Set cn = Nothing
if not(sPage = request.serverVariables("SCRIPT_NAME")) and not(isEmpty(sPage)) then
response.redirect(sPage & "?" & sQueryString)
end if
response.redirect("Default.asp")
else
sLoginErr = "Login or Password is incorrect."
end if
'****************************************************************************
|
|
|
|
|
