Difference between revisions of "Windows Authentication In A Web Application"

From PresenceWiki
Jump to: navigation, search
 
(37 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 
{{Tutorials}}
 
{{Tutorials}}
  
This document describes the processes needed to Autenticate a user accessing your pages using
+
 
 +
<h2>Overview</h2>
 +
 
 +
This document describes the processes needed to autenticate a user accessing your pages by using
 
their windows username and password.
 
their windows username and password.
  
 
This will then also enable you to track users through the site, so for instance, if they press a button on the site to action an event, you'll be able to log who actioned the event.
 
This will then also enable you to track users through the site, so for instance, if they press a button on the site to action an event, you'll be able to log who actioned the event.
  
The advantages of this are that:-
+
The advantages of this system are that:-
  
The user can use their windows username and password.
+
* The user can use their windows username and password.
The username is stored against the ip address, so that it will only need to be entered once for a machine.
+
* The httpsession variable is used so that the user only needs to login once.
The httpsession variable is used so that the user only needs to login once.
+
* The username is stored against the ip address, so that it will only need to be entered once for a machine.
A session will automatically expire when no new requests have been made for a set time.
+
* A session will automatically expire when no new requests have been made for a set time.
  
 +
<h2>Importing</h2>
  
 
You can download the tasks for this example from:-
 
You can download the tasks for this example from:-
 +
http://www.international-presence.com/wikidocs/samples/On_Demand_Windows_Login.xml
 +
 +
Once imported they should look like:-
 +
 +
http://www.international-presence.com/images/docs/userlogin/tasks.png
 +
 +
To embed the task, we just place the <b>Check Login Sub Task</b> before our normal OnDemand task page as you can see below in <b>Simple Task To Confirm Action</b>.
 +
 +
It might be that all OnDemand pages start from one single task, in which case we would place the <b>Check Login Sub Task</b> at the start of that task.
 +
 +
http://www.international-presence.com/images/docs/userlogin/embedded.png
 +
 +
If the username and password are valid, or if the httpsession already exists in the table, then the <b>Check Login Sub Task</b> task will return null, and so the calling task will continue.
 +
 +
We can see here (in the yellow box), the embedded <b>Check Login Sub Task</b> and a switch to continue if the ${response} variable is null.
 +
 +
 +
<h2>Description of Tasks</h2>
 +
 +
<b>Simple Task To Confirm Action</b> is the example task that shows you how to use <b>Check Login Sub Task</b> in your OnDemand tasks.
 +
 +
This task is our OnDemand task, that contains the <b>Check Login Sub Task</b>. As such it must be added to the OnDemand Queue:-
 +
 +
http://www.international-presence.com/images/docs/userlogin/ondemand.png
 +
 +
<b>Instructions</b> task explains how to configure the tasks.
 +
 +
The instructions task must be run once to create the DEMO.UserLogin table:-
 +
 +
http://www.international-presence.com/images/docs/userlogin/userlogin.png
 +
 +
It is this table that the other tasks use to store and retrieve data about who is logged in.
 +
 +
<b>Session Expiry</b> is a queued task that querys the Demo.UserLogin table effectively expiring sessions unused for 20 minutes.
 +
 +
This task must be added to the Task Queue.
 +
 +
http://www.international-presence.com/images/docs/userlogin/queued.png
 +
 +
<b>Check Login Sub Task</b> calls Login and updates the users details in the Demo.USerLogin table.
 +
 +
<b>Login</b> querys the username and password against the system and either returns a null response or a login panel.
 +
 +
<b>Check User Exists in LDAP</b> performs an LDAP Query against your active directory to Query if the username exists.
 +
 +
<h2>In Use</h2>
 +
 +
Start the httpserver and go to http://localhost/task/newconfirmtask
 +
 +
The first time you should see the following:-
 +
 +
http://www.international-presence.com/images/docs/userlogin/pleaseenterausername.png
 +
 +
This will require a valid windows username and password combination:-
 +
 +
http://www.international-presence.com/images/docs/userlogin/pleaseenterapassword.png
 +
 +
If the password is incorrect then you will get the following:-
 +
 +
http://www.international-presence.com/images/docs/userlogin/usernamepasswordincorrect.png
 +
 +
The username is looked up via an LDAP Query, so if it does not exist you will see:-
 +
 +
http://www.international-presence.com/images/docs/userlogin/usernamenotfound.png
 +
 +
As the task validates that the http session is logged in, Once the user is logged in they will stay logged in.
 +
 +
This means that once the username and password have been successfully entered, subsequent visits to http://localhost/task/newconfirmtask will pass straight through to the rest of the OnDemand page.

Latest revision as of 08:25, 17 October 2012

Tutorial Pages > Windows Authentication In A Web Application


Overview

This document describes the processes needed to autenticate a user accessing your pages by using their windows username and password.

This will then also enable you to track users through the site, so for instance, if they press a button on the site to action an event, you'll be able to log who actioned the event.

The advantages of this system are that:-

  • The user can use their windows username and password.
  • The httpsession variable is used so that the user only needs to login once.
  • The username is stored against the ip address, so that it will only need to be entered once for a machine.
  • A session will automatically expire when no new requests have been made for a set time.

Importing

You can download the tasks for this example from:- http://www.international-presence.com/wikidocs/samples/On_Demand_Windows_Login.xml

Once imported they should look like:-

http://www.international-presence.com/images/docs/userlogin/tasks.png

To embed the task, we just place the Check Login Sub Task before our normal OnDemand task page as you can see below in Simple Task To Confirm Action.

It might be that all OnDemand pages start from one single task, in which case we would place the Check Login Sub Task at the start of that task.

http://www.international-presence.com/images/docs/userlogin/embedded.png

If the username and password are valid, or if the httpsession already exists in the table, then the Check Login Sub Task task will return null, and so the calling task will continue.

We can see here (in the yellow box), the embedded Check Login Sub Task and a switch to continue if the ${response} variable is null.


Description of Tasks

Simple Task To Confirm Action is the example task that shows you how to use Check Login Sub Task in your OnDemand tasks.

This task is our OnDemand task, that contains the Check Login Sub Task. As such it must be added to the OnDemand Queue:-

http://www.international-presence.com/images/docs/userlogin/ondemand.png

Instructions task explains how to configure the tasks.

The instructions task must be run once to create the DEMO.UserLogin table:-

http://www.international-presence.com/images/docs/userlogin/userlogin.png

It is this table that the other tasks use to store and retrieve data about who is logged in.

Session Expiry is a queued task that querys the Demo.UserLogin table effectively expiring sessions unused for 20 minutes.

This task must be added to the Task Queue.

http://www.international-presence.com/images/docs/userlogin/queued.png

Check Login Sub Task calls Login and updates the users details in the Demo.USerLogin table.

Login querys the username and password against the system and either returns a null response or a login panel.

Check User Exists in LDAP performs an LDAP Query against your active directory to Query if the username exists.

In Use

Start the httpserver and go to http://localhost/task/newconfirmtask

The first time you should see the following:-

http://www.international-presence.com/images/docs/userlogin/pleaseenterausername.png

This will require a valid windows username and password combination:-

http://www.international-presence.com/images/docs/userlogin/pleaseenterapassword.png

If the password is incorrect then you will get the following:-

http://www.international-presence.com/images/docs/userlogin/usernamepasswordincorrect.png

The username is looked up via an LDAP Query, so if it does not exist you will see:-

http://www.international-presence.com/images/docs/userlogin/usernamenotfound.png

As the task validates that the http session is logged in, Once the user is logged in they will stay logged in.

This means that once the username and password have been successfully entered, subsequent visits to http://localhost/task/newconfirmtask will pass straight through to the rest of the OnDemand page.