Alpha Software Mobile Development Tools:   Alpha Anywhere    |   Alpha TransForm subscribe to our YouTube Channel  Follow Us on LinkedIn  Follow Us on Twitter  Follow Us on Facebook
Devcon 2020 Goes Virtual! LEARN MORE >

Announcement

Collapse

The Alpha Software Forum Participation Guidelines

The Alpha Software Forum is a free forum created for Alpha Software Developer Community to ask for help, exchange ideas, and share solutions. Alpha Software strives to create an environment where all members of the community can feel safe to participate. In order to ensure the Alpha Software Forum is a place where all feel welcome, forum participants are expected to behave as follows:
  • Be professional in your conduct
  • Be kind to others
  • Be constructive when giving feedback
  • Be open to new ideas and suggestions
  • Stay on topic


Be sure all comments and threads you post are respectful. Posts that contain any of the following content will be considered a violation of your agreement as a member of the Alpha Software Forum Community and will be moderated:
  • Spam.
  • Vulgar language.
  • Quotes from private conversations without permission, including pricing and other sales related discussions.
  • Personal attacks, insults, or subtle put-downs.
  • Harassment, bullying, threatening, mocking, shaming, or deriding anyone.
  • Sexist, racist, homophobic, transphobic, ableist, or otherwise discriminatory jokes and language.
  • Sexually explicit or violent material, links, or language.
  • Pirated, hacked, or copyright-infringing material.
  • Encouraging of others to engage in the above behaviors.


If a thread or post is found to contain any of the content outlined above, a moderator may choose to take one of the following actions:
  • Remove the Post or Thread - the content is removed from the forum.
  • Place the User in Moderation - all posts and new threads must be approved by a moderator before they are posted.
  • Temporarily Ban the User - user is banned from forum for a period of time.
  • Permanently Ban the User - user is permanently banned from the forum.


Moderators may also rename posts and threads if they are too generic or do not property reflect the content.

Moderators may move threads if they have been posted in the incorrect forum.

Threads/Posts questioning specific moderator decisions or actions (such as "why was a user banned?") are not allowed and will be removed.

The owners of Alpha Software Corporation (Forum Owner) reserve the right to remove, edit, move, or close any thread for any reason; or ban any forum member without notice, reason, or explanation.

Community members are encouraged to click the "Report Post" icon in the lower left of a given post if they feel the post is in violation of the rules. This will alert the Moderators to take a look.

Alpha Software Corporation may amend the guidelines from time to time and may also vary the procedures it sets out where appropriate in a particular case. Your agreement to comply with the guidelines will be deemed agreement to any changes to it.



Bonus TIPS for Successful Posting

Try a Search First
It is highly recommended that a Search be done on your topic before posting, as many questions have been answered in prior posts. As with any search engine, the shorter the search term, the more "hits" will be returned, but the more specific the search term is, the greater the relevance of those "hits". Searching for "table" might well return every message on the board while "tablesum" would greatly restrict the number of messages returned.

When you do post
First, make sure you are posting your question in the correct forum. For example, if you post an issue regarding Desktop applications on the Mobile & Browser Applications board , not only will your question not be seen by the appropriate audience, it may also be removed or relocated.

The more detail you provide about your problem or question, the more likely someone is to understand your request and be able to help. A sample database with a minimum of records (and its support files, zipped together) will make it much easier to diagnose issues with your application. Screen shots of error messages are especially helpful.

When explaining how to reproduce your problem, please be as detailed as possible. Describe every step, click-by-click and keypress-by-keypress. Otherwise when others try to duplicate your problem, they may do something slightly different and end up with different results.

A note about attachments
You may only attach one file to each message. Attachment file size is limited to 2MB. If you need to include several files, you may do so by zipping them into a single archive.

If you forgot to attach your files to your post, please do NOT create a new thread. Instead, reply to your original message and attach the file there.

When attaching screen shots, it is best to attach an image file (.BMP, .JPG, .GIF, .PNG, etc.) or a zip file of several images, as opposed to a Word document containing the screen shots. Because Word documents are prone to viruses, many message board users will not open your Word file, therefore limiting their ability to help you.

Similarly, if you are uploading a zipped archive, you should simply create a .ZIP file and not a self-extracting .EXE as many users will not run your EXE file.
See more
See less

Creating login Credentials for 20,000+ users

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    Creating login Credentials for 20,000+ users

    Hello world, I have an existing web app that we (we = administrative staff) use at our school for data entry which tracks all classes and current status for all of our students.

    I would like to extend access to all of our students using the alpha web security but I'm a bit at a loss of how the best way of doing this is. We have more than 20,000 students in our database and I want to create a login page that uses their StudentID# as username and their SSN as the password.

    One way I thought of doing this was to create a separate application for students only, and have them register with the new blank web security tables that are separate from the administrative users.

    So on the pre-built alpha ux registration component do some kind of look-up to see if the student exists then just have them verify all the personal info that we have on file for them and submit the form then redirect to a portal where they can manage their personal info and see how they are doing etc., and if the user does NOT exist, Send them to a blank page that will enter them insto our existing system.

    Im asking this question to get some input from professionals before I begin on this massive quest, I dont want to be a month into this project and find out there was an easier way of handling this. Any and all feedback is welcomed.
    Tags: None
    #2
    Re: Creating login Credentials for 20,000+ users

    I think you could do all of this in SQL with just a few statements. You can even create the GUID in SQL. You just need the right data in those security tables and all students would then be "registered".

    These students will be accessing the same app that the administrators have access to?
    Mike Brown - Contact Me
    Programmatic Technologies, LLC
    Programmatic-Technologies.com
    Independent Developer & Consultant​​

    Comment

      #3
      Re: Creating login Credentials for 20,000+ users

      Yes I think I can create it using SQL also with statements, but not all students would be logging in since some have graduated and moved on, Plus I want to create a registartion page for students who are not currently students.

      Students will be accessing a similar but completely separate components with different security settings (I plan to use the TabbedUI).

      Ive already started, technically,I let alpha create the web security tables for me. One of my Main concerns, well two of my main concerns is, (1) can the alpha server handle that much traffic (we have 2,000 active students currently) (2) Is using the builtin alpha security more secure than something I would be able to create with out it.

      I dont know how to build ux's without alpha, any suggestions here?

      Comment

        #4
        Re: Creating login Credentials for 20,000+ users

        I see. I think a registration page is the way to go. I would use a SQL store procedure to handle the creating of records in the security tables (I like to handle that part myself. Personal preference). Not sure of how secure you need the accounts to be. In my apps users need to provide a valid e-mail. That e-mail is then verified through a link I create and send in an e-mail to the user. I also have my users create security questions for when they loose their passwords. Passwords are hashed and salted. Too much liability when you storing personal info like social security numbers. The app and it's security needs to be air tight.

        I think Alpha can handle that many users. Not all of them will be logging in and using the app all at once. With that many users you may need to purchase another app server or two and then use a load balancer but you'll need to feel that out. Also, you can run multiple instances of the same app server. In one app I support I have six instances across two separate app servers (using a load balancer). That app has around that many users too but only a small percentage is ever on at once.
        Mike Brown - Contact Me
        Programmatic Technologies, LLC
        Programmatic-Technologies.com
        Independent Developer & Consultant​​

        Comment

          #5
          Re: Creating login Credentials for 20,000+ users

          Totally wrong approach. SSN as the password? DON'T DO IT! In addition to that being personal private information. YOU should not know the user's password.

          Now that I got that out of my system, it is still the wrong approach to pre-register all of those users. If your place is typical, you will add 20,000 users and some 10% will ever use it, and the 90% will just sit idle, waiting for someone to hack it. Instead, put zero people in the security system. Add them instead to a User table with their name, and other information, and a GUID for each user (don't use a sequential value as the ID for users). Then send them all an email with a time-sensitive link (a like that only works for maybe a week) telling them to click to register. By when they register, do a double opt-in process, meaning you send them back an email after they register and ONLY when the click on a second time sensitive link in that email, do you add them to the security system, and they can login from that point on.

          The built in security is great, no reason not to use it.

          The app server can handle 2000 users IF they login and use the system throughout the day. But if they all are going to use it at the same time, it won't work without additional resources, multiple Alpha instances, etc.

          Here is an article written in 2002 about why you should not use SSN as the password, and other sins: http://usatoday30.usatoday.com/tech/...-privacy_x.htm
          Steve Wood
          See my profile on IADN

          Comment

          Previous template Next
          Working...
          X