Solved

WebServer Login

Posted on 2000-03-30
8
569 Views
Last Modified: 2010-04-04
Hi,
I'm making a WebServer using ISAPI and I'd like know how can I make a login interface, let me be more clear, How do I know if the user is loged in my Site to make his request.
I'll appreciate any sample or idea.

Thanks....

NetBeto.
0
Comment
Question by:netbeto
8 Comments
 
LVL 13

Expert Comment

by:Epsylon
Comment Utility
0
 
LVL 17

Accepted Solution

by:
geobul earned 100 total points
Comment Utility
Hi,


I usually use cookies for this purpose.
First of all you have a login HTML page where the user submits his/her name and password. Something like:
--------------
<HTML>
<HEAD><TITLE>My Web Site Login Page</TITLE></HEAD>
<BODY>
<FORM METHOD=POST ACTION="/your_path/MyScript.dll/login">

UserName :<INPUT TYPE=text     NAME="login" MAXLENGTH=10 SIZE=10>
Password :<INPUT TYPE=password NAME="passw" MAXLENGTH=10 SIZE=10>

<INPUT TYPE=submit NAME="LoginBtn" VALUE="Login">
<INPUT TYPE=reset VALUE="Clear">

</FORM>
</BODY>
</HTML>
-----------
where 'MyScript.dll' is the name of the your ISAPI program and '/login' is the 'command', corresponding with Action Item with PathInfo property = '/login'.


Reading login data and setting cookies :

{ /login web action item }
procedure TWebModule1.WebModule1WebActionItem1Action(Sender: TObject;
  Request: TWebRequest; Response: TWebResponse; var Handled: Boolean);
var
  slCookies : TStringList;
  login, passw : string;
begin
  slCookies := TStringList.Create;
  ...
  { reading values from the Request}
  login:=Request.ContentFields.Values['login'];
  passw:=Request.ContentFields.Values['passw'];
  { Verifying the login - check in a database table for example }
  ...
  { adding cookies to string list if access is granted }
  if .... then begin
    slCookies.Add('login='+login);
    slCookies.Add('passw='+passw);
    { set cookies in Response }
    Response.SetCookieField(slCookies,'','',Date,False);
    Response.Content := ..... { next HTML page after successful login }
  end else
    { something is not correct - set empty cookies }
    slCookies.Add('login='+'');
    slCookies.Add('passw='+'');
    { set cookies in Response }
    Response.SetCookieField(slCookies,'','',Date,False);
    Response.Content := .... { HTML page for error - access denied }
  end;
  .......
  Response.SendResponse;
  slCookies.Free;
end;


Reading cookies in the next requests to verify the user:

{ Another web action item }
procedure TWebModule1.WebModule1WebActionItem2Action(Sender: TObject;
  Request: TWebRequest; Response: TWebResponse; var Handled: Boolean);
var
  login, passw : String;
begin
  ...
  login := Request.CookieFields.Values['login'];
  passw := Request.CookieFields.Values['passw'];
  if login <> '' then begin
    ...
  end;
  ...
end;

Regards, Geo
0
 

Author Comment

by:netbeto
Comment Utility
Listening...
0
 
LVL 3

Expert Comment

by:bryan7
Comment Utility
listenning
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:netbeto
Comment Utility
Hi Geo,
You said,
Reading cookies in the next requests to verify the user:

{ Another web action item }
procedure TWebModule1.WebModule1WebActionItem2Action(Sender: TObject;
  Request: TWebRequest; Response: TWebResponse; var Handled: Boolean);
var
  login, passw : String;
begin
  ...
  login := Request.CookieFields.Values['login'];
  passw := Request.CookieFields.Values['passw'];
  if login <> '' then begin
    ...
  end;
  ...
end;

Do I have to make some especial HTML to make requests after have loged on?? How can my ISAPI know about the last read Cookie??

Thanks,

NetBeto
0
 
LVL 17

Expert Comment

by:geobul
Comment Utility
Hi,

  Usually, after successful login, the server application sends main (index, default) HTML page to the client in response. Next requests are made from the main page (links, buttons etc.). In response to these requests the app sends another pages and so on.
  Your app can read login and pass cookies on every request (except login request because they are not set yet) in OnBeforeDispatch event handler and compare the values to the database.

  How can my ISAPI know about the last read Cookie?? - I do not understand what you mean.

Regards, Geo
0
 

Author Comment

by:netbeto
Comment Utility
Hi,
"Your app can read login and pass cookies on every request" do you mean that every link on my main page after login must send the login informations??

Thanks,

NetBeto.
0
 
LVL 17

Expert Comment

by:geobul
Comment Utility
Hi,
When your app has already set login info as cookies, the client browser takes care about sending them in every request. Your app sets them once on login and can read them many times (and every time). Links on pages are not involved here. Cookies are sending always when the browser makes a request to the server.

Regards, Geo
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Objective: - This article will help user in how to convert their numeric value become words. How to use 1. You can copy this code in your Unit as function 2. than you can perform your function by type this code The Code   (CODE) The Im…
Hello everybody This Article will show you how to validate number with TEdit control, What's the TEdit control? TEdit is a standard Windows edit control on a form, it allows to user to write, read and copy/paste single line of text. Usua…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now