wwResponse::Authenticate

This method is used to perform a request for Web server Basic Authentication to occur. When this method is called the browser login dialog box is popped up for the user to type in a username and password. The password is then validated by the Web server typically against the NT (or Windows) user database. The exact validation varies by Web server - IIS uses the NT User database on the server.

o.authenticate(lcRealm, lcErrorMsg, llNoOutput)

Parameters

lcRealm
The domain name or IP address that is authenticated. This is basically the name of the domain that displays on the authentication dialog that the browser pops up.

lcErrorMsg
The error message HTML that you want to display if an error occurs.

llNoOutput
Standard NoOutput flag to return the result as a string.

Remarks

In order for an authentication request to succeed on the server Basic Authentication must be enabled on the server.

Note: Basic Authentication is a non-secure protocol that sits on top of HTTP. Passwords are passed as clear text (although encoded with a simple, easily breakable hash algorithm) and can be easily hijacked with a network sniffer. If you're worried about security make sure that your authentication request runs over SSL/HTTPS - when you do the entire request info is encrypted.

Also, check out the wwProcess::Login method which abstracts the login and authentication process into a single easy to use method.

Example

lcUserName=Request.GetAuthenticatedUser()
   
*** Did the user Authenticate
IF EMPTY(lcUserName)
   *** Send Password Dialog - on success this request will be rerun
   *** AFter 3 failures an error message will be displayed.
   THIS.oResponse.Authenticate(Request.GetServername())
   RETURN .T.
ENDIF

See also:

Class wwResponse | wwRequest::GetAuthenticatedUser | wwProcess::Login

© West Wind Technologies, 1996-2022 • Updated: 11/26/15
Comment or report problem with topic