This article as a result of a series of questions I was asked by a customer about Self Service authentication.

The customer had been reviewing some pages that had been written by a partner.  The code they were looking at was very similar to this:


if (!eWare.Authenticated)
{
  eWareLogin();
}
else
{
  Response.Redirect("custommain.asp");
}
 

The property of eWare.Authenticated is being used in this example as a guard to code within the Self Service page.  But what determines the value of eWare.Authenticated?

The basic logon form for Self Service looks like

 


 <form method="post" name="loginform">
<table 
class=content>
<tr>
<td>
<%=eWare.AuthenticationError%>
</td>
</tr>
<tr>
<td>
User 
Name:<br>
<input class="edit" 
name="username"><br>
Password:<br>
<input class="edit" 
type="password" name="password"><br>
<input class="edit" 
type="checkbox" name="saveuserinfo" id="rememberme" checked>
<label 
for="rememberme">Remember 
me</label>
</td>
<td>
<input class="button" 
type="submit" value="Login" 
name="Submit">
</td>
</tr>
</table>
</form>
 

 

The credentials from the web form are used for the logon.  

eWare.Authenticated is a ReadOnly boolean value set at the time of the initial logon and initialisation of the Self Service object. 


eWare = Server.CreateObject("eWare.eWareSelfService");
eWare.Init(
Request.Querystring,
Request.Form,
Request.Cookies("eware"),true);

The Init() method takes the following parameters

Init(ByVal QueryString As String, ByVal ContentString As String, ByVal Cookie As String, ByVal UseCookies As Boolean) As String

So if the visitor has logged on, the initialisation method checks to see whether there is a valid cookie.  If there is then eWare.Authenticated is true, else eWare.Authenticated is false.   

You can investigate this further by writing out the value of the parameters passed to the eWare.Init() method.  You can then see how values change when you try and access the page when logged on.


function CheckObject(myObject)
{
//usage CheckObject(myObject);
//e.g. CheckObject(Request.QueryString);
var myVarCount = myObject.Count;
var KeyName;
Response.Write(myObject);
Response.Write("<UL>");
for (var iLoop=1;iLoop<=myVarCount;iLoop++)
{
 KeyName = myObject.Key(iLoop);
 Response.Write("<LI><B>"+KeyName+"</B> is "+myObject(KeyName));
}
Response.Write("</UL>");
Response.Write("<HR/>");
}
CheckObject(Request.QueryString);
CheckObject(Request.Form);
Response.Write(Request.Cookies("eware"));