ISAPI app with ASP.NET connecting via TCP to a server

Posted on 2004-11-01
Last Modified: 2010-04-05
Hi! I need som help with a D8 solution. I just bought D8, and there is alot of differenses between D5 and D8.

I need a Web solution on an IIS connecting to a server and recieve data and present it on the web.

Meaning: A login check via the web server, from the webserver to the internal server and then present the result on the web.
I have never used .NET so if it is possible to help me with a start up project, this would be great.

More points will be given on delivery of a project.

I have a D5 solution for this today, but I would like to have a .NET solution, possibly with some type of cryptation at least for the password if possible.

Question by:mersan
    LVL 22

    Assisted Solution


       Webbroker doesn't include with Delphi 8, so you can't develop ISAPI with Delphi 8, the way you should go with is application

    But I think if you go with Web Services the work you want to done will be more easier, and you can use windows and web application as clients to connect to your web service

    here's some articles to help you to build that for Delphi 8 and Delphi 6/7,1418,10005,00.html



    Author Comment

    I will have a look, but I have some time presure, so if you can help me with some code specific for this problem, it will help me alot.

    LVL 22

    Expert Comment

    could you explain more for what would you like to accomplish
    LVL 17

    Expert Comment

    by:Wim ten Brink
    It's been a while since I worked with D8 again on a web-application with logon functionality, but it's not as difficult as you think. When you create a new ASP.NET project with Delphi 8, and save it, there will be a file called "web.config" in your project folder. As you could have guessed, this is where you set up the configuration for your project when it is running! ASP.NET will read this file and set up default values, and -if specified- it will check if the user is logged on or not. Best thing to do is Google for it since I myself was a bit limited by my web provider in the ways that I could use to log on. Still, is a very easy example of what I've done for a hobby page of mine. Too bad I'd hidden the logoff button a bit. (On the "Merchant" page at the bottom.) It's a crappy page, btw... I started with it when I first bought Delphi 8 but never found time to finish it.

    The web.config file for that page of mine looks like this: (Without the comments)

    <?xml version="1.0" encoding="utf-8" ?>
        <compilation debug="false"  defaultLanguage="c#">
        <customErrors mode="Off" />
        <authentication mode="Forms">
          <forms name=".Merchants" loginUrl="login.aspx" protection="All" timeout="60" path="/" slidingExpiration="true">
          <deny users="?"/>
        <trace enabled="false" requestLimit="10" pageOutput="false" traceMode="SortByTime" localOnly="true"/>
        <sessionState mode="InProc" stateConnectionString="tcpip=" sqlConnectionString="data source=;user id=sa;password=" cookieless="false" timeout="20"/>
        <globalization requestEncoding="utf-8" responseEncoding="utf-8"/>

    The important parts are the authentication and authorization parts. In the authorization I deny access to everyone. Thus, everyone has to authenticate first. And for authentication they have to visit the logon page, which responds on the buttonclick. The code behind this click is simple. I open a database connection, search for username and password and if ffound, I call:
      System.Web.Security.FormsAuthentication.RedirectFromLoginPage(Recs.Fields['FirstName'].Value.ToString, CheckBoxRemember.Checked);
    and afterwards, the user is authenticated, thus logged in.
    The fun thing is that ASP.NET will maintain information if the user is logged on or not and will even require the user to log on again once his logon info has expired.

    However, I used a HTTP:// link to the logon page, while a HTTPS:// would be more secure. Then again, this is a limitation of my webserver which doesn't (easily) support secure connections...

    Author Comment

    Hi Alex, this sounds good, the only differense is that I want to have a socket connection between the web server and an application that will return values some thing like this.

    Web page (login) -> web server -> win application

    The win applicetion will check with a server/database if the login is correct. and send the result to the web client.

    Web page (login) <- web server <- win application

    I will use an IIS-server so the secure should not be a problem I think.

    What is the best way to continue from here? Can you deliver a sample project? I will start an ASP.NET project and we´ll se where i get stuck.
    LVL 17

    Accepted Solution

    For a sample app I would first have to install D8 again, so that's a no. Sorry...
    If you need to connect to a remote server for authentication then you can easily do this from the logon form, though. What I did was:

    unit Login;


      System.Collections, System.ComponentModel, System.Data, System.Drawing, System.Web, System.Web.SessionState, System.Web.Security, System.Web.UI, System.Web.UI.WebControls, System.Web.UI.HtmlControls, ADODB, untDatabase;

      TWebFormLogin = class(System.Web.UI.Page)
      {$REGION 'Designer Managed Code'}
      strict private
        procedure InitializeComponent;
        procedure ButtonSubmit_Click(sender: System.Object; e: System.EventArgs);
      strict private
        procedure Page_Load(sender: System.Object; e: System.EventArgs);
      strict protected
        TextBoxUsername: System.Web.UI.WebControls.TextBox;
        TextBoxPassword: System.Web.UI.WebControls.TextBox;
        ButtonSubmit: System.Web.UI.WebControls.Button;
        CheckBoxRemember: System.Web.UI.WebControls.CheckBox;
        LiteralInfo: System.Web.UI.WebControls.Literal;
        RequiredFieldValidator1: System.Web.UI.WebControls.RequiredFieldValidator;
        procedure OnInit(e: EventArgs); override;


    {$REGION 'Designer Managed Code'}
    /// <summary>
    /// Required method for Designer support -- do not modify
    /// the contents of this method with the code editor.
    /// </summary>
    procedure TWebFormLogin.InitializeComponent;
      Include(Self.ButtonSubmit.Click, Self.ButtonSubmit_Click);
      Include(Self.Load, Self.Page_Load);

    procedure TWebFormLogin.Page_Load(sender: System.Object; e: System.EventArgs);
      if (TextBoxUsername.Text.Length = 0) then TextBoxUsername.Text := 'Guest';
      if (TextBoxPassword.Text.Length = 0) then TextBoxPassword.Text := 'guest';
      LiteralInfo.Text := 'For guests, use "Guest" as username and "guest" as password.';

    procedure TWebFormLogin.OnInit(e: EventArgs);
      inherited OnInit(e);

    procedure TWebFormLogin.ButtonSubmit_Click(sender: System.Object; e: System.EventArgs);
      Conn: Connection;
      Recs: Recordset;
      Conn := NewConnection(Context.Request.PhysicalApplicationPath);
      Recs := NewRecordset(Conn, 'select * from users');
      Recs.Filter := 'Username = ''' + TextBoxUsername.Text.Trim.ToUpper + '''';
      if (Recs.RecordCount = 0) then begin
        LiteralInfo.Text := 'Username "' + TextBoxUsername.Text.Trim + '" not found. Please try again.';
      end else if Recs.Fields['Password'].Value.ToString.Equals(TextBoxPassword.Text) then begin
        System.Web.Security.FormsAuthentication.RedirectFromLoginPage(Recs.Fields['FirstName'].Value.ToString, CheckBoxRemember.Checked);
      end else begin
        LiteralInfo.Text := 'Invalid password. Please try again.';


    Page_Load just sets up default login information in the editboxes but you could retrieve them from a cookie or from some other source. All other methods except ButtonSubmit_Click and Page_Load were created by D8, btw. And in ButtonSubmit_Click I know the user clicked on Logon so I check his credentials there.
    At that point, you could connect to another server like I connected to a database. The NewConnection() and NewRecordset() are just two simple functions I created to connect to an Access database with the user information.
    However, you do have to keep in mind that your web application must have access rights to connect to the second server, else IIS will just block it. (And this too is a limitation of my own webserver, since it doesn't allow webapps to connect to other locations on the Internet.)

    Basically, you get:
    Client logs in [username, password]
    Server 1 forwards [username, password]
    Server 2 validates [username, password]

    And if the data is valid, we continue with:
    Server 2 validated ok [username]
    Server 1 Authenticates [username]
    Client is logged on.

    If invalid, we get this:
    Server 2 reports error
    Server 1 returns error
    Client is NOT logged in and has to try again.

    Notice that if the user fails, the form is just re-used but LiteralInfo gets some value that is displayed to the user. It could be made even more complicated but hey, it was my first test 5 months ago and I've forgotten most about it again since I returned to Delphi 5 at work. (And Delphi 7 at home.) I like Delphi 8 yet am not too comfortable about it yet.

    Author Comment

    I will test this first thing tomorrow.

    Author Comment

    I tested it, but I cannot make it work. I will not communicate with my webserver.

    Never mind, I will try to make it work.


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Product Review - Android Remix

    Come along for the ride with our Senior Product Manager, Brian Matis, as he reviews the Android Remix.

    This article explains how to create forms/units independent of other forms/units object names in a delphi project. Have you ever created a form for user input in a Delphi project and then had the need to have that same form in a other Delphi proj…
    Hello everybody This Article will show you how to validate number with TEdit control, What's the TEdit control? TEdit is a standard Windows edit control on a form, it allows to user to write, read and copy/paste single line of text. Usua…
    In this Experts Exchange video Micro Tutorial, I'm going to show how small business owners who use Google Apps can save money by setting up what is called a catch-all email address in their Gmail accounts. By using the catch-all feature, small busin…
    In this sixth video of the Xpdf series, we discuss and demonstrate the PDFtoPNG utility, which converts a multi-page PDF file to separate color, grayscale, or monochrome PNG files, creating one PNG file for each page in the PDF. It does this via a c…

    884 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now