Login security
Robert Haussmann
haussma at nextdimension.net
Tue Jul 5 12:27:38 PDT 2005
> Windows native
>
> Although I can easily check to get the "username" used to log
> into the system, I
> am maintaining a separate login and password file for login
> into a filePro app.
>
> Since I can't place this name in an environmental variable
> for use as files are
> accessed, any suggestions as to how to accomplish this in a
> simple, relatively
> secure manner?
>
Richard--I'm not 100% sure what you are asking, but here are
some possibilities:
1) use GETENV to get the system variable USERNAME (contains
the username of the logged in user for Windows NT/2000/XP;
not sure about XP). This eliminates the user needed to retype
the username, but you'll have to verify the password each time.
2) start your application with a batch file that does the following:
a) get username/password, verify against your DB
b) writes a temporary batch file that sets env. variables to
your username and password (hopefully encrypted)
c) CALL your temporary batch file
d) delete the temporary batch file
(this will make your username/password environmental variables
available to you until somebody exits the application completely).
An example might be:
@echo off
Rem the following processing creates %temp%\login.bat
Rem which containts statements to set the environmental
rem variables TDSUSERNAME and TDSPASSWORD (encrypted)
\fp\rclerk security -s9 -xa -d
if errorlevel=99 goto nogood
call %temp%\login
del %temp%\login.bat
cd \
p tdsmain
goto done
:nogood
cls
echo Access requires a valid user ID and password.
pause
goto done
:Done
Bob Haussmann
Tabor Children's Services, Inc.
More information about the Filepro-list
mailing list