Is there an xbasic function that will cause a user to be logged in to the alpha five security system, without needing to specify their password when invoking the function?
I'm looking for an alternative to the a5ws_login_user() function, which I think does require a password to be supplied.
This is for an "intranet" environment where we need to let employees use their existing passwords from LDAP or Active Directory. To summarize what I've found on the message board (many thanks!!): it sounds like we can bypass the built-in password system in Alpha Five while still taking advantage of all of the other built-in features in the security system; all we have to do is avoid using the "official" login web component. Instead we use a dialog to collect a username and password, and in its "validate" event we use a little xbasic script to check the password against LDAP or Active Directory, and then that invokes a function to tell Alpha Five that the person should now be considered to be logged in.
I suppose there probably isn't a function that allows us to log people in without knowing their alpha password, but it would make things simpler for us if it does exist. If the answer is "no" then I suppose we could make up one "master password" and assign it to every user in alpha five (the users themselves will never see that password) and then have the script use that when invoking a5ws_login_user().
(To be complete, I suppose I should comment on how we'll create users in alpha five. For that we're taking advantage of the "using SQL tables in web security" technique that allows us to relocate the alpha five security tables so they exist in our Microsoft SQL Server database. We have scheduled a windows powershell script to run now and then to find any newly created Active Directory users that don't yet exist in our SQL table, and add them to the table.)
I'm looking for an alternative to the a5ws_login_user() function, which I think does require a password to be supplied.
This is for an "intranet" environment where we need to let employees use their existing passwords from LDAP or Active Directory. To summarize what I've found on the message board (many thanks!!): it sounds like we can bypass the built-in password system in Alpha Five while still taking advantage of all of the other built-in features in the security system; all we have to do is avoid using the "official" login web component. Instead we use a dialog to collect a username and password, and in its "validate" event we use a little xbasic script to check the password against LDAP or Active Directory, and then that invokes a function to tell Alpha Five that the person should now be considered to be logged in.
I suppose there probably isn't a function that allows us to log people in without knowing their alpha password, but it would make things simpler for us if it does exist. If the answer is "no" then I suppose we could make up one "master password" and assign it to every user in alpha five (the users themselves will never see that password) and then have the script use that when invoking a5ws_login_user().
(To be complete, I suppose I should comment on how we'll create users in alpha five. For that we're taking advantage of the "using SQL tables in web security" technique that allows us to relocate the alpha five security tables so they exist in our Microsoft SQL Server database. We have scheduled a windows powershell script to run now and then to find any newly created Active Directory users that don't yet exist in our SQL table, and add them to the table.)
Comment