This continues from here: https://www.experts-exchange.com/questions/28944519
Basic scenario is that I have some VBA code from which I would like to be able to direct users to a closed forum. If the user is not registered on the forum then I would like to automate the process.
MlandaT provided the solution I asked for and Ray Paseur provided the warning that I needed... thanks to both.
In reality, the exact circumstances are slightly more complicated than the original question alluded to.
The VBA code is subject to registration checks, which is done online using SOAP / POST etc.. The website that hosts the forum is NOT related to the website that checks registration.
My current plan of attack is:
- VBA sends request to a page on my Forum with: userName, PassWord, & registration details in the URL... (the VBA has ready access to this information)
- based on the registration details, the page that the VBA lands on sends a soap request to the registration website and waits for a response
- If the soap response indicates the user is currently registered then login may proceed
- If the current user does NOT have a valid login then a new account is created automatically as per MlandaT
- If the current user already has a valid login then they are logged in
Does this alleviate all the security concerns? Is there a better way?