close ad
 
Important WebAssist Announcement
open ad
View Menu

Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

 
WebAssist ForumsData BridgeSecurityAssist › Redirect Problem when Authenticating
Sign in to rate this thread
rating

Redirect Problem when Authenticating

Thread begun 7/22/2009 12:06 pm by anonymous | Last modified 8/01/2009 8:27 pm by troyd | 8078 views | 12 replies |

7/22/2009 12:06 pm  |  #1 anonymous

Redirect Problem when Authenticating

I have an issue where I set up authentication and a redirect page if the authentication is successful - but when a valid username and password are entered - instead of redirecting to the new page - it appends the current url with "?accesscheck=%2F" and then the correct redirect page.

So, it looks like this: 

http://www.mysite.com/loginpage.php?accesscheck=%2Fredirctpage.php



Any thoughts on what is causing this error? Something is not letting it redirect properly.

Thanks

Sign in to reply to this post

7/22/2009 12:17 pm  |  #2 Ray BorduinWebAssist

%2F is the encoded value for a slash. It should not cause problems... it sends the page as an root relative link including the slash so that it can properly redirect from subdirectories.

Sign in to reply to this post
Did this help? Tips are appreciated...

7/22/2009 12:20 pm  |  #3 anonymous

Ray,

I get that but I can't figure out why it is not redirecting properly and instead it is appending the redirect with that stuff to the current login url rather than allowing to redirect.

Sign in to reply to this post

7/22/2009 12:33 pm  |  #4 Ray BorduinWebAssist

After you login, what page does it take you to? Did you select the option to return to previous page if specified?

Sign in to reply to this post
Did this help? Tips are appreciated...

7/22/2009 12:40 pm  |  #5 anonymous

Ray,

I think there is actually an issue with the access rule manager. I just decided to strip out the restrict rules access on the redirect page and everything redirects correctly now... so I need see why the session variable is not setting correctly or pulling from the database.

Sign in to reply to this post

7/27/2009 2:06 pm  |  #6 troyd

I've looked everywhere on how to setup the redirect part. I have the login working and the validation working. However, the only way I have found to redirect after the correct login is authenticated, is to put the url of the page I want them to be directed to, into the form action. And that can't be right.

Now, I know that the Wizard will build this for me. But this is for an Admin page like that created in the User Registration solution where it authenticates from the globals.php page.
So instead of the Security Assist show region saying "your logged in", I wanted it to just redirect.

Thanks,
Troy

Sign in to reply to this post

7/29/2009 7:57 am  |  #7 Ray BorduinWebAssist

You can create a rule for when you want to redirect, then apply the security assist page level security on the current redirect page using that rule and specify the page you want to redirect to.

Sign in to reply to this post
Did this help? Tips are appreciated...

7/29/2009 11:28 am  |  #8 troyd

Thanks Ray.
I was trying to go that route, but I am confused on the rules. If I create a rule under "Grant Access if:", that says if the session login matches the globals.php where the login is stored, then the only option I see is "If access denied, go to:".
I don't see any place that says "If access successful, go to:" like it does in the Wizard.

Do I create a rule using a double negative? Such as if a rule is NOT "Rule", then "If access denied, go to:" newpage.php?

I know that didn't make sense, but maybe you will understand where I going with it.

Thanks,
Troy

Sign in to reply to this post

7/29/2009 3:06 pm  |  #9 Ray BorduinWebAssist

Any rule includes the "not" rule for the inverse. When you apply the page protection server behavior any rules are listed with their opposite.

Sign in to reply to this post
Did this help? Tips are appreciated...

7/31/2009 7:26 am  |  #10 troyd

Ray,

I have tried doing this several ways. While using the "NOT Administrator" rule, I get an error from my Fire Fox browser saying "Redirect Loop Error".
So I created a new rule called "Redirect" and set it to compare the "AdminLogin" session to the globals.php info, but this time I used "<>". And then applied the "Redirect" rule to redirect to the new page if the admin login equals the session. In other words, the rule is that the admin username should not equal the session "AdminLogin". If it does, redirect to the newpage.php.

This works after I login but only if I refresh the page. So how do I trigger this rule to apply after a login and not on the page loading?

Here is my rules code from the HelperGroupsRulesPHP.php file.
<?php

function WA_Auth_GetComparisonsForRule($ruleName){
$comparisons = array();

switch ($ruleName){
case "Administrator":
$comparisons[0] = array(TRUE, "".((isset($_SESSION['AdminLogin']))?$_SESSION['AdminLogin']:"") ."", 1, "".$GLOBALS['WAGLOBAL_Admin_Password'] ."");
break;
case "Redirect":
$comparisons[0] = array(TRUE, "".((isset($_SESSION['AdminLogin']))?$_SESSION['AdminLogin']:"") ."", 2, "".$GLOBALS['WAGLOBAL_Admin_Password'] ."");
break;
}
return $comparisons;
}


function WA_Auth_GetGroup($groupName){
$group = Array();

switch ($groupName){
}
return $group;
}

?>


A little more information here: This is a login page that compares the login to the globals.php page. Not a database. I copied lines 3-13 from a users_login.php page generated by the Security Assist wizard as per instructions from support on an earlier issue. So I am not sure if there may be a conflict now. Here is that part of the code, for easy reference.

<?php
if (!session_id()) session_start();
if((((isset($_POST["userName"]) && $_POST["userName"]==$WAGLOBAL_Admin_UserName)?$_POST["userName"]:"") != "")) {
$_SESSION["AdminLogin"] = "".((isset($_POST["Password"]))?$_POST["Password"]:"") ."";
}
?>
<?php
if((((isset($_POST["userName"]) && $_POST["userName"]==$WAGLOBAL_Admin_UserName)?$_POST["userName"]:"") != "")) {
header("location : index.php");
}
?>

Thanks,
Troy

Sign in to reply to this post
loading

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now.  Build a store, a gallery, or a web-based email solution.

Want your website pre-built and hosted?

Everything else!

Close Windowclose

Rate your experience or provide feedback on this page

Account or customer service questions?
Please user our contact form.

Need technical support?
Please visit support to ask a question

Content

rating

Layout

rating

Ease of use

rating

security code refresh image

We do not respond to comments submitted from this page directly, but we do read and analyze any feedback and will use it to help make your experience better in the future.

go to page top
Close Windowclose

We were unable to retrieve the attached file

Close Windowclose

Attach and remove files

add attachmentAdd attachment
Close Windowclose

Enter the URL you would like to link to in your post

Close Windowclose

This is how you use right click RTF editing

Enable right click RTF editing option allows you to add html markup into your tutorial such as images, bulleted lists, files and more...

-- click to close --

Uploading file...