Here is an example of a do-it-yourself login. Obviously .NET ... James and Kenneth have given excellent ideas for alternative ways to setup your resources.
In this illustration within the "loginQ_Authenticate" you could do a whole range of stuff based upon who is/was signing in. Yes, I add items to the Session but this gives the most generalized flexibility for the Redirect. ////////////////////////////////////////////////////////// <%@ Page Language="C#" AutoEventWireup="true" CodeFile="cam2login.aspx.cs" Inherits="cam2login" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";> <html xmlns="http://www.w3.org/1999/xhtml"; > <head runat="server"> <title>Generalized MapGuide Login</title> <style type="text/css"> .loginQappearance { padding:5px 10px; height: 200px; width: 500px; background: #66CCFF url("images/MIA_blue.gif") no-repeat; background-position:top right; text-align: justify; padding-left:20px; border: solid 5px #999999 } </style> </head> <body> <form id="form1" runat=server> <div align=center> <asp:Login ID="loginQ" CssClass="loginQappearance" runat="server" DisplayRememberMe="False" OnAuthenticate="loginQ_Authenticate"> </asp:Login> </div> <asp:HiddenField ID="raw_InvokedByURL" runat="server" /> </form> </body> </html> // and of course the codebehind using System; using System.Data; using System.Configuration; using System.Collections; using System.Collections.Specialized; using System.Web; using System.Web.Security; using System.Web.UI; using System.Web.UI.WebControls; using System.Web.UI.WebControls.WebParts; using System.Web.UI.HtmlControls; using OSGeo.MapGuide; public partial class cam2login : System.Web.UI.Page { protected void Page_Load(object sender, EventArgs e) { if (IsPostBack == true) { } else { raw_InvokedByURL.Value = this.Request.RawUrl; } } protected void loginQ_Authenticate(object sender, AuthenticateEventArgs e) { try { string realPath = Request.ServerVariables["APPL_PHYSICAL_PATH"]; String configPath = realPath + "../webconfig.ini"; MapGuideApi.MgInitializeWebTier(configPath); MgUserInformation loginuserInfo = new MgUserInformation(loginQ.UserName, loginQ.Password); MgSite site = new MgSite(); site.Open(loginuserInfo); string sessionId = site.CreateSession(); if (sessionId != null && sessionId != string.Empty) { this.Session.Add("mguser", loginQ.UserName); this.Session.Add("mgpassword", loginQ.Password); this.Session.Add("mgsessionid", sessionId); //site.DestroySession(sessionId); e.Authenticated = true; string next_raw_InvokedByURL = raw_InvokedByURL.Value.Replace("SOMENEWNAMEHERE_WHEREIWISHTOGO", "THISISHOWIGOTHERE"); ; this.Response.Redirect(next_raw_InvokedByURL); } } catch (MgException ex) { } } } -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of dorra2007 Sent: Thursday, November 08, 2007 3:08 AM To: [email protected] Subject: Re: [mapguide-users] newbie question about security All users acess the same map (and layout), but the difference between users consists in the temporary layers loaded, according to his parameters stored in a database. So, I am wondering if there is a mapguide security API that manages users in this way, or a security and login code ready for use.I'll be very grateful if you provide me with this code. My problem is that users are not prompted for a login and password, while they have also access denied. James Card wrote: > > On Tue, 06 Nov 2007 03:38:30 -0800, dorra2007 <[EMAIL PROTECTED]> wrote: > >> I wish to know how to assign a user account to a layer (or layer >> definition), so that when he wish access this layer, he will be promted >> for a user name and password. > > The workaround we used for this was to assign security at the map level > rather than the layer level. We created a separate map for each security > group that included only the layers appropriate to that group. We also > created one layout for each of these maps, so it was easy for the security > and login code already in place on the webserver to just load the > appropriate layout after the user was authenticated. > > Since we only had four secuirty groups this was a simple solution. If the > were many different combinations of layer permissions required it would be > too cumbersome to maintain a separate map and layout for each. > > -- > James Card > 209-578-5580 > _______________________________________________ > mapguide-users mailing list > [email protected] > http://lists.osgeo.org/mailman/listinfo/mapguide-users > > -- View this message in context: http://www.nabble.com/newbie-question-about-security-tf4757541s16610.htm l#a13642851 Sent from the MapGuide Users mailing list archive at Nabble.com. _______________________________________________ mapguide-users mailing list [email protected] http://lists.osgeo.org/mailman/listinfo/mapguide-users E-mails are automatically scanned for viruses using McAfee. _______________________________________________ mapguide-users mailing list [email protected] http://lists.osgeo.org/mailman/listinfo/mapguide-users
