| Author |
 Topic  |
|
|
JohnathanKong
Starting Member
7 Posts |
 Posted - 17 October 2007 : 15:14:51
|
Hello,
I have tried the search feature, but still am not able to answer this question. What I would like to do is add functionality so that domain users can log on as well as public users. Domain users will have random passwords generated for them, while public users will have chosen passwords. To make this work, I have a file that is protected and only available to domain users. When they enter their domain username and password, my single page logs them in.
At this point, I have the users getting logged into the system. Their permissions are read accordingly, but they cannot post or logout. When thry try to post, they get a white screen, and when they try to logout, the screen flashes, and it logs them back in. Here is my page that logs in the domain users:
<!--#INCLUDE FILE="config.asp"-->
<!--#INCLUDE FILE="inc_func_common.asp"-->
<%
dim rsUser, conn
if len(Mid(Request.ServerVariables("AUTH_USER"), Instr(1, Request.ServerVariables("AUTH_USER"), "\") + 1)) > 0 and not strLoginStatus = 1 then
set conn = Server.CreateObject("ADODB.CONNECTION")
set rsUser = Server.CreateObject("ADODB.RECORDSET")
conn.Open strConnString
rsUser.Open "SELECT m.M_PASSWORD FROM glbPermissions p INNER JOIN FORUM_MEMBERS m ON p.id = m.M_FITS_ID WHERE p.loginName='" & lcase(Mid(Request.ServerVariables("AUTH_USER"), Instr(1, Request.ServerVariables("AUTH_USER"), "\") + 1)) & "'", conn
if not rsUser.EOF then
strDBNTUserName=trim(Mid(Request.ServerVariables("AUTH_USER"), Instr(1, Request.ServerVariables("AUTH_USER"), "\") + 1))
strEncodedPassword = rsUser("M_PASSWORD")
Call DoCookies("false")
Session("Snitz")="OK"
strLoginStatus = 1
end if
rsUser.Close
conn.Close
end if
if Len(Request.QueryString("target")) > 0 then
Response.Redirect "login.asp?" & Request.QueryString("target")
else
Response.Redirect "default.asp"
end if
%>
|
|
|
JohnathanKong
Starting Member
7 Posts |
Posted - 18 October 2007 : 09:17:29
|
Been working on it all last night, and it seems that when I use my custom login page, all forms that use the "post" method stop working; even when I create my own little custom page app. I have not seen anything like this before, but it's like something is blocking my post, but when I use get, everything works fine. After playing with this, I have narrowed down the problem to reading the posted data. It is being sent alright, because when I send the data to a different URL, everything works, so I have to believe that something is preventing ASP from reading in values passed to it.
<html>
<head>
</head>
<body>
<%=Request.form("test")%>
<form method="post" action="test.asp">
<input type="text" name="test" />
<input type="submit" value="submit" />
</form>
</body>
</html> |
Edited by - JohnathanKong on 18 October 2007 10:08:57 |
 |
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
|
|
JohnathanKong
Starting Member
7 Posts |
Posted - 18 October 2007 : 10:58:41
|
| Hey ruirib, thanks for the reply. I did have a look at the Universal Login Mod, but looking at the code, it did not seem to do what I wanted, but I will look at it again. My goal was to modify the snitz code as little as possible, so I thought that if I dropped the same cookies that snitz did when logging users on from another page, it would work; this custom page is in the same dir as all the snitz files. I glanced over the universal login, but did not see any cookies, so that's why I did not think it would work for me. What makes this hard is that our internal users do not have passwords, only the hashes in the database, so I need to log them in without prompting them for a password. This is somewhat secure because it will be using NT authentican, and the page is protected. I would make it full NT authentication, but I can't because we have public users that will be using a password & username to enter the site. These people will not have access to our protected custom login page. Anyways, I will try to integerate the code into my page and see what happens. Thanks. |
|
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
|
|
JJenson
Advanced Member
USA
2121 Posts |
Posted - 18 October 2007 : 11:20:42
|
I think you will also need to include the inc_header.asp or inc_header_short.asp and also the inc_footer.asp or inc_footer_short.asp.
I thought those values are being used in these files or am I wrong in thinking this? |
|
|
|
JohnathanKong
Starting Member
7 Posts |
Posted - 18 October 2007 : 11:21:48
|
| Hey ruirib, I managed to try out the Universal Login Mod, and you are right, it does do what I want to an extent. I will have to tweak it when I get this working, but anyways, this mod falls victim to the same bug that I initially had. I get logged on correctly, I am the admin so I do have a password, but all form post methods are disabled, like when I used my custom page, and my test program doesn't work (see above post). It's really weird because when I use the Universal Login Mods logout, I can't login anymore through the main page because asp can't read form post methods. What gets even weirder is that if I check the save login, basically Call DoCookies("true"), close down my browser window, then open it, I am logged in, and everything works beautifully; so it seems that the cookies are working correctly. The only thing that I can think of is that it may be something to do with sessions because other URLs can read post data, and even if I put my test.asp page sometwhere else and send it data from my forum site, data is able to be read. At this point I am really confused. Hopefully you can help me shed more insight to this problem. |
|
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
Posted - 18 October 2007 : 11:31:00
|
I don't ever remember such a situation. The universal login mod works quite well, AFAIK, as I can gather from our users experiences, though I've never used it myself.
Does that happen with a single browser? |
Snitz 3.4 Readme | Like the support? Support Snitz too |
|
|
|
JohnathanKong
Starting Member
7 Posts |
Posted - 18 October 2007 : 11:49:32
|
| Hey ruirib, I am not too sure what you mean by a single browser, but I am using ie7, and that is the standard for our company. At this point, only out employees are locked out, not our partners, which is a good thing to some degree. Also, I do not doubt that the universal login does work, but I am not too sure what it could be. The really weird part is that it affects the whole site so, as I keep say because I find it so odd, my little test page does not even work. I can't figure out why the normal Snitz login works perfectly, but any mod or customization fails. I will try one more thing, which is create a page that is not protected, and see if the universal login will work. If it doesn, then there is something wrong with the way I am protecting the page. |
|
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
Posted - 18 October 2007 : 11:54:37
|
| Well I'm just trying to find out whether that is a coding issue or a browser related issue. Can you test your page with Firefox, just to rule out the browser variable? |
Snitz 3.4 Readme | Like the support? Support Snitz too |
|
|
|
JohnathanKong
Starting Member
7 Posts |
Posted - 18 October 2007 : 12:05:28
|
| Hey ruirib, that was a great idea. I tested it out on firefox, and my custom pages works like a charm. This means that my problem is ie specific. The problem with this now is that my company only permits employees to use ie7, which is the browser that is giving me the problem. What I really can't understand though is how come I can log on and use snitz perfectly with snitzs login page, but any other custom page will yeild these problems. I basically copied line for line code from the login page, which is really just DoCookies and setting some variables, but it just won't work. Any ideas? |
|
|
|
JohnathanKong
Starting Member
7 Posts |
Posted - 18 October 2007 : 16:14:50
|
| A couple of hours later, I think I have found the problem. It seems that it is more of an IIS setup issue rather then something dealing with custom code. It seems that my protected page is some how screwing up the way ie handles posts. I don't know why firefox was unaffected, but I know that this is the problem because when I load that protected page when it is empty, it gives me the same problems. I will have to look into this further, but atleast I know where the problem is. I would just like to thank you ruirib for the help. |
|
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
|
| |
Topic |
|
|
|
Topic Locked
