Having Trouble with Security Assist
I am assuming I am missing something obvious. I have used the DW Login/Authentication behaviors for years, with no problems but I wanted the extra features of the WA versions. I am using PHP/MySQL
First off, it's looking for the values from my users table (called 'users') : User ID, User Name and Password. So I initially set them as:
User ID -> users.Email
User Name -> users.FirstName
Password -> users.Password
But the logon.php page was prompting for User Name which confused me, so I made both User ID and User Name map to users.Email
So when I log on it seems to work. I see "login.php?loggedIn=1" in my address bar.
Then I created a new page (logtest.php) and selected Server Behaviors -> Web Assist -> Security Assist -> Secure Page and when it asks for a rule I select "Logged in to users" and redirect to login.php on failure.
The problem is it aways fails, I always get redirected to logon.php
Here is my logtest.php page:
<?php require_once( "webassist/security_assist/helper_php.php" ); ?>
<?php
if (!WA_Auth_RulePasses("Logged in to users")){
WA_Auth_RestrictAccess("login.php");
}
@session_start();
?>
<!doctype html>
<html>
<head>
<meta charset="UTF-8">
<title>testing</title>
</head>
<body>
<p> You are logged in </p>
</body>
</html>
Checking my server variables I see I have:
SecurityAssist_ID xx@yyyy.com
FirstName Fred
Admin 9
The last two are values from my users table.
I am at a total loss. I've been working on this for hours, trying all sorts of combinations. i'm sure I'm just missing something simple.
Thanks in advance for any help.