Session ID

Hi,

if I create a simple log-in and a simple rule is that OK, to protect, my pages? I mean, is the SESSION that is created by the browser automaticly be checked.or only the the things that I check in my created rules?

Denis

the Session ID will not be checked automatically, only the variables that you use in the rules.

how can I make the session ID be checked?
I the login-page, I think I need to create a session with that sessionID. give it a name and then check it, right?

how does that work?

Or isnt that nessesary to make a save members area?

Denis

That is not necessary.

Using security assist, a session variable is created to hold the primary key value for the logged in users record from the users table. This value uniquely identifies the user, and can be used to return records from the database related to the logged in user.

So, for example the user logs in. His unique Key in the database is 10.

so I create (with the authentification wizzard) set uniqueKey(10) as memberID.

so the 10 is stored in the memberID session.

If I only want this to lock my pages, how do I set the RULE?

RESTRICT if memberID is 0???


sorry for asking that much, but I need to setup a memberpage totally save :-))

If you run the security assist wizard it will create the rule automatically for you.


the rule will be created as


Allow If
Session memberID
Not Equal
[blank] <- leave value field blank in the rule

jason, thanks a lot :-)


Denis