Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

› WebAssist Forums › Data Bridge › SecurityAssist › Struggling with SecurityAssist docs

Struggling with SecurityAssist docs

Thread began 9/08/2010 9:09 pm by Bryan M | Last modified 9/09/2010 8:06 am by Bryan M | 1559 views | 5 replies |

9/08/2010 9:09 pm | #1 Bryan M

Struggling with SecurityAssist docs

Hello all,

MessageI want to perform this simple functionality but am struggling with the docs:

1) User points to admin.php
2) If not logged in, redirect to login page
3) If login is successful, redirect to admin page

I used the wizard to create my rules and redirection but it isn't working like I expected.

When I click on admin.php I am not redirected to the login page even though my access list says that page requires login. I simply get the login error message (userauth_Error.php).

Thanks!

9/09/2010 6:49 am | #2 Jason ByrnesWebAssist

did you enable auto login?

It sounds like you created the login page with the remember me and auto login option, and the cookies storing the username and password have bad values causing the redirect to the login page to attempt login automatically and fail.

Try using a different browser, or try clearing the cookies in your browser.

9/09/2010 7:25 am | #3 Bryan M

No, I did not enable auto login. Since I don't have the cookies toolkit installed the "remember me" and auto login" boxes were greyed out.

9/09/2010 7:38 am | #4 Bryan M

Apparently, I am not doing something correctly.

I tried a completely different browser with no session variables laying around.

I load my main.php which contains only a link to admin.php.

I click on the link to admin.php and am immediately taken to the login error page. Do I need to explicitly code the redirect to the login page?

The admin.php page contains this code snippet

<?php require_once( "WA_SecurityAssist/Helper_PHP.php" ); ?>
<?php
if (!WA_Auth_RulePasses("Logged in to userauth")){
    WA_Auth_RestrictAccess("userauth_Error.php");
}

where "Logged in to to userauth" is my access rule.

9/09/2010 7:52 am | #5 Jason ByrnesWebAssist

yes, if you want it to go to the login page on failure, then you need to tell it to go to the login page on failure.

your code:

php:

<?php
if (!WA_Auth_RulePasses("Logged in to userauth")){
    WA_Auth_RestrictAccess("userauth_Error.php");
}
?>

is telling it to go to the userauth_Error.php page if the page access rule fails. Change that to point to the login page.

9/09/2010 8:06 am | #6 Bryan M

Thanks Jason. That makes sense now but perhaps not at first blush.

I'll submit a note to clear the docs up for the wizard.

Cheers!

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now. Build a store, a gallery, or a web-based email solution.