I've just worked out after hours of debugging, that the Authenticate extension performs only an OR statement on all the comparisons.

I debugged the hell out of it, and if the first comparison is True then the RulesPass is set to True and no more checking is done.

THIS SHOULD BE MADE CLEAR IN THE DOCUMENTATION and the dialog box.

Or have I misunderstood? :)

Not exactly true.... but kind of....

The way it works is exactly how it reads.

You can add a Restrict IF or an Allow IF... whenever either fails it goes to the next line untill the first criteria passes. Then it responds by restricting or allowing based on that rule and doesn't check the rest of the rules.

So it isn't an OR... it is a linear progression from one to the next until a response is triggered (the response being allow or restrict).

Thanks for the reply.

The problem is that I couldn't find any explanation about that in the documentation.

Even though the extension is great, it is misleading. How do we go about getting the documentation updated ?

I will bring it to the attention of our documentation team that this area could use clarification. Really it would be nice to get a tutorial on groups, rules, and how to use them throughout your site since there are a wide variety of appications outside of securityAssist where they can be valuable.

Jon,

We have provided a contact form for submitting requests or ideas to documentation. This is the perfect place for you to submit this comment.

This form can be accessed from the 'Submit Idea' link on all the product support pages. Or, by going to this link http://www.webassist.com/support/submit-idea.php.

Your submissions are reviewed, and when appropriate, added to the lineup of future documentation updates. If there is a possibility that your request can be satisfied by an existing piece of documentation, you will receive a reply explaining where this can be found.

-Neil

I'm having the same problem. I was to allow access to a page if either the Customer ID Session Variable is >1 ( so basically if there is one) OR ir the admin level is greater than 2.

It allows access on the first one, but fails if the person's admin level is greater than 2, because it had already failed on the first one.

I cant figure out what to do in this case... I want both groups of users to be allowed access.

Sorry, here is the code from the helper file on that rule:

case "loggedin":
$comparisons[0] = array(TRUE, "".((isset($_SESSION['CustomerID']))?$_SESSION['CustomerID']:"") ."", 5, "1");
$comparisons[1] = array(TRUE, "".((isset($_SESSION['level']))?$_SESSION['level']:"") ."", 5, "2");

Just to be clear...I re-read your answer above... If I am logged in as a customer.. I set a CustomerID variable, and so I am allowed access to the page. If I log out as a customer, and log in as an administer, level 5, then the first rule fails, but the second one should pass, since my admin level Session ID is set to 5, which is greater than 2, and I should be allowed access to the page by virtue of the second rule, but it does NOT allow me in.

That's the problem I am having.

Neil

It shouldn't... these are both "allow if" rules, so they shouldn't automatically fail when they are false. Please post a support incident and let me know your incident number. I'll try to work this out with you. Also make sure you have the most recent version of the extension installed from your order history.

OK thanks.