Link to home
Start Free TrialLog in
Avatar of tracyms
tracyms

asked on

Authenticate Before Opening File

Hello Experts,

I have about separate 10 web pages for users. Instead of sending them the URL each time a new person needs access to the page, I’d like to set it up as so:

I have an app that will open each of the web pages when you select it. I’d like some way to authenticate the user so it’ll only go to the page for them.

So let’s say Tom needs access to FINANCE and GRANTS pages, but should not see the rest. I would want to add Tom to the FINACE and GRANTS group so when he opens the app below, his only options would be HRD.html and Finance.html pages.

I suppose I could do some case statements in the script and a prompt to validate hard coded user names but I’d rather not put user names in the script.

Could I use a prompt to authenticate to a file/group before opening the page?  Any ideas? Thanks!

<html>
<head>
<title>Apps</title>
<HTA:APPLICATION
   Application ID = "Test"
   APPLICATIONNAME = "Test"
   BORDER="thin"
     SCROLL="no"
     SINGLEINSTANCE="yes"
     WINDOWSTATE="normal"
	 SysMenu="no"
 />
</head>
<script language="vbScript">

Sub Window_onLoad
window.resizeTo 680,470
End Sub

Sub GetURL
thisURL = urldrop.value
document.getElementById("noiwin").innerHTML = "<iframe width='800' height='500' src='" & thisURL & "'></iframe>"
End Sub

</SCRIPT>
<body>
<select name="urldrop" style="width: 200px" onchange="GetURL">
<option value="AppSelect.html">Select Application</option>

<option value="Finance.html">FINANCE</option> - If username in FINANCE group then view this
<option value="HRD.html">HRD</option> - If username in HRD group then view this
<option value="REG.html">REG</option> - If username in REG group then view this
<option value="GRANTS.html">Grants</option> - If username in GRANTS group then view this

</select>


<span id="noiwin"></span>
</body>
</html>
  

Open in new window

Avatar of Paul MacDonald
Paul MacDonald
Flag of United States of America image

If you're using IIS, you can use Windows authentication to grant/deny access to various pages.  Just set the NTFS permissions on each page appropriately.  Users will still see all the pages in the dropdown, but will only be able to access the ones they have permissions to.

Alternately, code your dropdown menu to only add items the user would have access to, based on their AD Group membership.
Avatar of tracyms
tracyms

ASKER

Thanks Paul but I'm not using IIS nor do I have access to Active Directory users/groups. This is an HTML Application that's a feature built in to Windows, some information about it here:

https://docs.microsoft.com/en-us/previous-versions//ms536496%28v%3dvs.85%29

I do believe HTML Applications can find the logged in user but I'd still need a way to compare it the user who should be accessing the page.
"I have an app that will open each of the web pages when you select it."
Is this the HTA?  Does it just have links that point to traditional web pages?  Or does the HTA contain all the pages for everyone, and you only want to permit access the appropriate ones?

What back-end server technology do you have access to, if any?  Web server/database server, etc?
Avatar of tracyms

ASKER

Is this the HTA?

Yes

Does it just have links that point to traditional web pages?

The web pages are actually HTAs saved as html files, and the links point to those pages.

What back-end server technology do you have access to, if any?  Web server/database server, etc?

The hta/html files have a SQL database backend that queries information specific to user needs - this is an example of one of the pages:


https://www.experts-exchange.com/questions/29132963/Dependent-Drop-List-SQL-and-VBS.html?headerLink=workspace_answered_questions


Or does the HTA contain all the pages for everyone, and you only want to permit access the appropriate ones?


Not currently, but that's what I want to do. I can easily add all the pages.


I don't how to go about it, I can capture the current logged in user name in the script but I would need to compare/match it to something...that's why I was thinking maybe a list of users in a text file for the comparison to current logged in user as a prompt...of course I could be over-thinking, it's just an idea for now. Thanks!
ASKER CERTIFIED SOLUTION
Avatar of Paul MacDonald
Paul MacDonald
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of tracyms

ASKER

It's deployed to individual users on the network. It's not a big deal, it was a way of keeping them all together instead of sending to each individual user as needed...and as mentioned, just a thought. Thanks!