Open topic with navigation



In the login application onValidate event (control form application used to authenticate a user), insert the following code:


// two users: john and mary with permission to access different applications
if({userid} == 'john') {

elseif({userid} == 'mary') {
        sc_error_message("Unauthorized user!");

Example 3: Authenticating applications using a database table.

In the login application onValidate event, enter the following code:


In the development environment it is possible to suppress the above steps purely for testing purposes, thereby avoiding repeated password requests (or access denied) for each application execution. Disable the options Enable use of security and Enable Use of Password in the Configuration menu | My ScriptCase.

  • Request password just once - Requests the password only once per session, not needing to request to inform the password everytime you open an application in the same session.
  • Enable direct call by URL - Allows the application to be called directly from the URL of the browsers.
  • Enable CSRF - With this option enabled, Scriptcase prevents malicious attacks to a page on which the unauthorized command are transmitted from a user that the page trusts. These attacks are known as "Cross-Site Request Forgery". (This option is available only for Control and Form applications).


    This is a feature used to increase the level of security in the form. It requires direct user interaction, through the entry of a random sequence of characters, displayed on a dynamically generated image. CAPTCHA means "Completely Automated Public Turing test to tell Computers and Humans Apart".

    Read more: