Date:  03/19/2007 09:04:01 PM Msg ID:  003364
From:  Rob Thomas Thread:  003362
Subject:  Re: Auth
 >>>>>> have the user id and password in your FoxWeb code and want to pass it to the Auth class for programmatic authentication
 This is the case...
Thanks Rob..
Sent by FoxWeb Support on 03/19/2007 10:23:12 AM:
Please give us a bit more info on your needs.  Do you already have the user id and password in your FoxWeb code and want to pass it to the Auth class for programmatic authentication, or do you want to link to a FoxWeb script from another web application and pass the userid and password in the link?  If it's the latter, you can do so by passing the user id and password in the query string:
http://servername/path/scriptname.fwx?secUserID=XXX&secPassword=YYY 

Please note that this is not a very secure technique and should not be used for applications that involve really sensitive information.  The two problems I can think of are:

  • The URLs remain in the browser cache and history, which means that they can be recalled later -- even after the user logs out.  In order to remove the password the user would have to clear the browser history and close the browser.
  • The password will visible in the browser's location bar, so any individuals looking over the operator's shoulder will be able to see it.  In the past we have seen users mitigating this problem by immediately redirecting the user to a different URL that does not contain the password, using the Response.Redirect method.
FoxWeb Support Team
support@foxweb.com email
Sent by Rob Thomas on 03/18/2007 11:45:48 PM:
Is there a way to authenticate a user without using a form?
I already have the User and Password from another program that I just want to pass to Auth without forcing the user to authenticate again.
Rob Thomas