Telegram_2022-05-16T15

<< Click to Display Table of Contents >>

Navigation:  Telegram > 2022 > 05 > 16 >

Telegram_2022-05-16T15

Telegram link

 

2022-05-16T15:40:09

 

Hello,

 

I need to call a form from an external site but with authentication.

 

Example:

 

- external site call: type: link www.myportal.com/call_IWForm?user=joe&pwd=somethingcrypted

 

The form must start a new session.

 

I am looking contenthandler example but I don't find anything similar.

 

Thanks

 

 

Telegram link

 

2022-05-16T15:42:25

 

You might want to encrypt more than the passwird...

 

Link/iwapp/?passport=123ascdf456732

 

Where user and password are both encrypted

 

 

Telegram link

 

2022-05-16T15:46:18

 

Thanks. You're right, but this is not my actual problem. I don't know how to open my webapp without login form but setting credentials the same.

 

I think I need a contenthandler example of \login content handler\

 

 

Telegram link

 

2022-05-16T15:48:56

 

...IWServerControllerBaseConfig...

 

var

 

FormHandler : TContentForm ;

 

RedirectHandler : TContentRedirect ;

 

begin

 

...

 

// THandlers.Add('path', 'key', form.create )

 

FormHandler := TContentForm.Create( TIWformYouMade );

 

FormHandler.FileMustExist := False ;

 

FormHandler.CanStartSession := True ;

 

FormHandler.RequiresSessionStart := False ;

 

FormHandler.RequiresSession := True ;

 

// type: link https://server.com :port/signon?key=value1234xxx

 

THandlers.Add('/signon/', '', FormHandler );

 

// there are other ways to add content handlers, too.

 

 

Telegram link

 

2022-05-16T15:49:55

 

then it's best to build a unit all by itself to handle that one form.

 

 

Telegram link

 

2022-05-16T15:50:44

 

and in that unit, you have the http request / response handled. ( checking the param/value etc. )

 

 

Telegram link

 

2022-05-16T15:50:54

 

i dont know where I found a demo though. I'll keep looking.

 

 

Telegram link

 

2022-05-16T15:52:01

 

basically the important stuff is that you catch it in the server controller side. I should point out that you better have some sort of code that KNOWS whether or not the user is ALREADY logged in or not. SO that someone can't just copy the URL and get into your system if they want. you know ?

 

 

Telegram link

 

2022-05-16T15:53:56

 

you could always add other stuff for validation too, like a whitelist of allowed IP addresses or something, so that if you want, you only allow 'certain' IP addresses to use that URL. But it depends on what level of security you want your system to have. let anyone in if they have the URL, or not ?

 

 

Telegram link

 

2022-05-16T15:55:03

 

do a search for contenthandlers - i'm sure there are demos out there somewhere. Cant find the one i had.

 

 

Telegram link

 

2022-05-16T15:58:54

 

type: link https://doc.atozed.com/en/iw15/develop/content-handlers/walkthrough/

 

 

Telegram link

 

2022-05-16T15:59:20

 

that link is a very good start. shows you how to create a separate unit to handle the request that caught in the browser.