Re:Password Authentication - request example

This WebDNA talk-list message is from

1998


It keeps the original formatting.
numero = 17451
interpreted = N
texte = On 5/3/98 4:39 PM, Steve Rosenbaum wrote:> >Jay, do you have this example posted somewhere? > >(Bob from Cybermill posted a neat example on 4/7/98; but I have been unable >to successfully implement it. Among other things, I was unsure if Bob's >checker.txt file is supposed to replace Webcatalog's AuthenticateChecker >file. I am also unclear on Bob's HEADER9 field. ) > >Help!I used the header9 nine field because I was having trouble with CartPassword field and I have yet to go back.Really all that happens is a lookup in your [cart] file, to see if the input username matches the data in the user field of any database you choose if not then it returns the [authenticate user].What I do is place the username and password in the cart using the set header context. Then on each subsequent page I do a lookup in the cart and compare the name and pass with the name and pass in the field. This would be the code you include in each page you wish to protect:[include file=checker&groups=YOURGROUP] where checker is the name of your authentication file.Here is the contents of the checker file:[showif NotFound=[lookup db=memusers.db&lookinField=user&value=[uppercase][orderfile shoppingcarts/[cart]][CartUserName][/orderfile][/uppercase]&returnField=use r¬Found=NotFound]] [authenticate Unauthorized User] [/showif] [showif [url][encrypt][uppercase][orderfile shoppingcarts/[cart]][CartPassword][/orderfile][/uppercase][/encrypt][/url] ![url][lookup db=../memusers.db&lookinField=user&value=[uppercase][orderfile shoppingcarts/[cart]][CartUserName][/orderfile][/uppercase]&returnField=pas s¬Found=NotFound][/url]] [authenticate Unauthorized User] [/showif][search db=../memusers.db&groupsword=ww&wogroupsdatarq=[uppercase][groups][/upperca se]&equserdatarq=[uppercase][orderfile shoppingcarts/[cart]][CartUserName][/orderfile][/uppercase]&eqpassdatarq=[u rl][encrypt][uppercase][orderfile shoppingcarts/[cart]][CartPassword][/orderfile][/uppercase][/encrypt][/url] ] [showif [numFound]=0][authenticate Unauthorized User] [/showif] [/search]Now you need to get the usersname and password into the cart, You will need to put this info at the start of the page that you come to from your login page. I protect this page as well as set the header on it, but webcat is fast enough to deal with it.Here is how I set that information and the cookie for the user as well as authenticate the same page. [setHeader cart=[cart]]CartPassWord=[password]&CartUserName=[username][/setHeader] [setcookie name=MID&value=[username]&expires=Wednesday, 09-DEC-1999 23:00:00 GMT&path=/&domain=www.fishfax.com] [include file=checker&groups=YOURGROUP]I am open for more questions if this is still not clear enough.Robert Minor__________________________________________________________ CyberMill Website Designers & Publishers 8616 Joseph Ave St. Louis, MO 63144 voice 314-962-4024 email: webmaster@cybermill.com http://www.cybermill.com/ __________________________________________________________ We are not responsible for any misspelling or misinformation please check with your internet provider for defects. Associated Messages, from the most recent to the oldest:

    
  1. Re:Password Authentication - request example (Jay Van Vark 1998)
  2. Re:Password Authentication - request example (Bob Minor 1998)
  3. Re:Password Authentication - request example (Steve Rosenbaum 1998)
  4. Re:Password Authentication - request example (Jay Van Vark 1998)
On 5/3/98 4:39 PM, Steve Rosenbaum wrote:> >Jay, do you have this example posted somewhere? > >(Bob from Cybermill posted a neat example on 4/7/98; but I have been unable >to successfully implement it. Among other things, I was unsure if Bob's >checker.txt file is supposed to replace Webcatalog's AuthenticateChecker >file. I am also unclear on Bob's HEADER9 field. ) > >Help!I used the header9 nine field because I was having trouble with CartPassword field and I have yet to go back.Really all that happens is a lookup in your [cart] file, to see if the input username matches the data in the user field of any database you choose if not then it returns the [authenticate user].What I do is place the username and password in the cart using the set header context. Then on each subsequent page I do a lookup in the cart and compare the name and pass with the name and pass in the field. This would be the code you include in each page you wish to protect:[include file=checker&groups=YOURGROUP] where checker is the name of your authentication file.Here is the contents of the checker file:[showif NotFound=[lookup db=memusers.db&lookinField=user&value=[uppercase][orderfile shoppingcarts/[cart]][CartUserName][/orderfile][/uppercase]&returnField=use r¬Found=NotFound]] [authenticate Unauthorized User] [/showif] [showif [url][encrypt][uppercase][orderfile shoppingcarts/[cart]][CartPassword][/orderfile][/uppercase][/encrypt][/url] ![url][lookup db=../memusers.db&lookinField=user&value=[uppercase][orderfile shoppingcarts/[cart]][CartUserName][/orderfile][/uppercase]&returnField=pas s¬Found=NotFound][/url]] [authenticate Unauthorized User] [/showif][search db=../memusers.db&groupsword=ww&wogroupsdatarq=[uppercase][groups][/upperca se]&equserdatarq=[uppercase][orderfile shoppingcarts/[cart]][CartUserName][/orderfile][/uppercase]&eqpassdatarq=[u rl][encrypt][uppercase][orderfile shoppingcarts/[cart]][CartPassword][/orderfile][/uppercase][/encrypt][/url] ] [showif [numFound]=0][authenticate Unauthorized User] [/showif] [/search]Now you need to get the usersname and password into the cart, You will need to put this info at the start of the page that you come to from your login page. I protect this page as well as set the header on it, but webcat is fast enough to deal with it.Here is how I set that information and the cookie for the user as well as authenticate the same page. [setHeader cart=[cart]]CartPassWord=[password]&CartUserName=[username][/setHeader] [setcookie name=MID&value=[username]&expires=Wednesday, 09-DEC-1999 23:00:00 GMT&path=/&domain=www.fishfax.com] [include file=checker&groups=YOURGROUP]I am open for more questions if this is still not clear enough.Robert Minor__________________________________________________________ CyberMill Website Designers & Publishers 8616 Joseph Ave St. Louis, MO 63144 voice 314-962-4024 email: webmaster@cybermill.com http://www.cybermill.com/ __________________________________________________________ We are not responsible for any misspelling or misinformation please check with your internet provider for defects. Bob Minor

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

WebCat2 several catalogs? (1997) Ok here is a question? (1997) [OT] Theiving B*****ds (2004) Three new problems, maybe a fourth (1997) First postarg not taking in $Commands (1997) Sending htmlmail (2007) Looking for Salvatore (2003) Reminder... (2003) WC1.6 to WC2 date formatting (1997) WebDNA Solutions ... sorry! (1997) Thanks Grant (1997) SM's Tech Help (or lack of) (2000) Re:Random Command (1997) A better WebCat whois (was [OT] Domain Name Scam) (2000) WebDNA to Apache RewriteMap (2005) Overridding E-Mailer (1998) Re:HELP - NONE STOP DIGESTS. Digest for 4/24/97) (1997) Formatting dates stored in db (2003) Intermitent problem using [referrer] (1997) Carts in Admin folder? (1999)