Environment: Classic ASP & ASP.NET: How to avoid 2. login?
Question asked by Rainer Epple - 5/18/2020 at 1:46 AM
Answered
Hi,
advance information:
I'm a member of volunteer fire brigade with 9 departments (no. 1 to 9) and a common web presence - but each department has its own admin user with the possibility to add their own content!

Our web presence is running with classic asp and a self-developed cms with a predefined file structure for digital content (images, pdf...)
Each department has folders for their own files, e.g.
x:\assets\images\1\...
x:\assets\images\2\...
x:\assets\images\3\...
x:\assets\images\press\1\...
x:\assets\images\press\2\...
x:\assets\images\press\3\...
x:\assets\images\mission\1\...
x:\assets\images\mission\2\...
x:\assets\images\mission\3\...

Now we want to use Filevista from within classic asp e.g. open it in a _blank window.
Our problems/questions:
Can we start filevista without having to login (again)?
Can we pass the department number to set and handle the needed file structure/folder names (within ASP.NET)?

I hope to have it described it understandable :-)

Thanks in advance
Greetings from Germany
Rainer

3 Replies

Reply to Thread
0
Cem Alacayir Replied
Employee Post Marked As Answer
Yes, this is possible with pass-through login feature.

For Classic ASP, create a page named passthrough.asp and use the below code:

'Replace this with your value from App_Data/FileVista.config of your FileVista installation
applicationKey = "48A5B4EF36615265C7997BA99F1743A17E1196713E613E14457B7658791FBE8C"
'FileVista user
userName = "SomeUser"

'Create and save the pass-through login cookies
Response.Cookies("FileVista.ExternalUser")("name") = userName
Response.Cookies("FileVista.ExternalUser")("hash") = MD5Hash(userName + applicationKey)
Response.Cookies("FileVista.ExternalUser").Path = "/"
Response.Cookies("FileVista.ExternalUser").Expires = Now() + 30

'Redirect to your FileVista location. 
'FileVista should recognize the cookie and skip login page and auto-login
'the specified user in the cookie
Response.Redirect("/filevista")
You need to find a MD5 hash function for Classic ASP, here are some:

References to old forum topics:



You don't need this but just for future reference:
For ASP.NET, create a page named e.g. passthrough.aspx and use the below code in codebehind file:

using System;
using System.Web;
using System.Web.UI;

namespace WebFormsTest
{
    public partial class Passthrough : Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {
            LoginFileVista("SomeUser");
        }

        private void LoginFileVista(string userName)
        {
            //Replace this with your value from App_Data/FileVista.config of your FileVista installation
            const string authKey = "48A5B4EF36615265C7997BA99F1743A17E1196713E613E14457B7658791FBE8C";

            //Create and save the pass-through login cookies
            var cookie = new HttpCookie("FileVista.ExternalUser");
            cookie["name"] = userName;
            //You can reference GleamTech.Core dll to use this helper method, it's simply a MD5 hash
            cookie["hash"] = GleamTech.Cryptography.CryptoManager.Hash(userName + authKey); 
            cookie.Path = "/";
            cookie.Expires = DateTime.Now.AddMinutes(30);
            Response.Cookies.Add(cookie);

            //Redirect to your FileVista location. 
            //FileVista should recognize the cookie and skip login page and auto-login the 
            //specified user in the cookie
            Response.Redirect("/filevista");
        }
    }
}
0
Rainer Epple Replied
Hi Cem,
thanks for your detailed answer!

What about my second question :-)
Can we pass the department number to set and handle the needed file structure/folder names (within ASP.NET)?
0
Cem Alacayir Replied
Employee Post

You can use dynamic root folders for this purpose.


The path can contain the below variables which will be dynamically replaced according to the logged in user. These variables can also be used in root folder's name:

{User}

User name of the logged in user. This will not contain domain part even if it's in the original name.

{Domain}

This will be empty unless there is domain part in user's name

{UserWithDomain}

Original name of the user. May contain domain part if it's in the original name. This is same as {user.name} from previous versions.


For example, you can create a root folder with name


{User}’s folder


And with location


C:\UserFolders\{User}


So {User} is a placeholder which will be replaced with the logged in user’s name


You will need to add the created user to this root folder.

Or you can use a group so all members will have their own folder.


When a user named UserA who can access to this root folder logs in,

He will see a folder named


UserA’s folder


Which points to


C:\UserFolders\UserA


If the location does not exist, it will be automatically created.


For your case, your users are not named "no. 1 to 9" but your departments are, so you can make use of domain part of user name and do this:

For example, you can create a root folder with name


{User}’s department


And with location


x:\assets\images\{Domain}


When a user named JohnDoe@1 who can access to this root folder logs in,

He will see a folder named


JohnDoe’s department


Which points to


x:\assets\images\1

So if you rename your users like JohnDoe@1 or 1\JohnDoe, the domain part will the department no. By the way JohnDoe@1 can still log in with only typing JohnDoe without domain part.


     

Reply to Thread