Difference between revisions of "Windows Authentication In A Web Application"
Line 33: | Line 33: | ||
http://www.international-presence.com/images/docs/userlogin/pleaseenterausername.png | http://www.international-presence.com/images/docs/userlogin/pleaseenterausername.png | ||
− | This will require a valid windows username and password combination | + | This will require a valid windows username and password combination:- |
http://www.international-presence.com/images/docs/userlogin/pleaseenterapassword.png | http://www.international-presence.com/images/docs/userlogin/pleaseenterapassword.png | ||
+ | |||
+ | If the password is incorrect then you will get the following:- | ||
http://www.international-presence.com/images/docs/userlogin/usernamepasswordincorrect.png | http://www.international-presence.com/images/docs/userlogin/usernamepasswordincorrect.png | ||
+ | |||
+ | The username is looked up via an LDAP Query, so if it does not exist you will see:- | ||
http://www.international-presence.com/images/docs/userlogin/usernamenotfound.png | http://www.international-presence.com/images/docs/userlogin/usernamenotfound.png | ||
+ | |||
+ | If the username and password are valid, then the "" task will return null, and so the calling task will continue in | ||
+ | this case showing the task select ondemand screen. | ||
+ | |||
+ | AS the task validates that the http session is logged in, Once the user is logged in they will stay logged in. | ||
+ | |||
+ | If they don't undertake an action for 20 minutes, the session is reset and they are effectively logged out. | ||
http://www.international-presence.com/images/docs/userlogin/tasks.png | http://www.international-presence.com/images/docs/userlogin/tasks.png |
Revision as of 15:05, 23 August 2010
Tutorial Pages > Windows Authentication In A Web Application |
This document describes the processes needed to Autenticate a user accessing your pages by using their windows username and password.
This will then also enable you to track users through the site, so for instance, if they press a button on the site to action an event, you'll be able to log who actioned the event.
The advantages of this are that:-
The user can use their windows username and password. The httpsession variable is used so that the user only needs to login once. The username is stored against the ip address, so that it will only need to be entered once for a machine. A session will automatically expire when no new requests have been made for a set time.
You can download the tasks for this example from:- http://www.international-presence.com/wikidocs/samples/On_Demand_Windows_Login.xml
To embed the task, we just place the "Check Login Sub Task" before our normal ondemand task page.
It might be that all ondemand pages start from one single task,
in which case we would place the "Check Login Sub Task" at the start of that task.
http://www.international-presence.com/images/docs/userlogin/embedded.png
http://www.international-presence.com/images/docs/userlogin/userlogin.png
Start the httpserver and go to http://localhost/task/newconfirmtask
The first time you should see the following:-
http://www.international-presence.com/images/docs/userlogin/pleaseenterausername.png
This will require a valid windows username and password combination:-
http://www.international-presence.com/images/docs/userlogin/pleaseenterapassword.png
If the password is incorrect then you will get the following:-
http://www.international-presence.com/images/docs/userlogin/usernamepasswordincorrect.png
The username is looked up via an LDAP Query, so if it does not exist you will see:-
http://www.international-presence.com/images/docs/userlogin/usernamenotfound.png
If the username and password are valid, then the "" task will return null, and so the calling task will continue in this case showing the task select ondemand screen.
AS the task validates that the http session is logged in, Once the user is logged in they will stay logged in.
If they don't undertake an action for 20 minutes, the session is reset and they are effectively logged out.
http://www.international-presence.com/images/docs/userlogin/tasks.png
Simple Task To Confirm Action
Instructions
Session Expiry
Check Login Sub Task
Login
Check User Exists in LDAP
http://www.international-presence.com/images/docs/userlogin/queued.png
http://www.international-presence.com/images/docs/userlogin/ondemand.png