Announcement

Collapse
No announcement yet.

"Unauthorized User" message comes up even when Security=NO in Converted Menu App

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • "Unauthorized User" message comes up even when Security=NO in Converted Menu App

    Is anyone encountering this problem in production deployment with version 7? The app works well in 6 but I keep having this message showing and the app not displaying.

  • #2
    That is because you have enabled security on that application. If security is enabled, then you can only access applications if you have previously logged on the system.

    Please see: http://downloads.scriptcase.com.br/d...-seguranca.htm

    regards,
    Bernhard Bernsmann

    Comment


    • #3
      Originally posted by bartho View Post
      That is because you have enabled security on that application. If security is enabled, then you can only access applications if you have previously logged on the system.

      Please see: http://downloads.scriptcase.com.br/d...-seguranca.htm

      regards,
      Bernhard Bernsmann
      You misunderstood me:

      1) when I enable security on the app and log in, I'm getting the error
      2) when I DISABLE security on the app and log in or access direct by the URL, I still get the error
      3) this problem is not happening with the v6 app I converted. I've been using security for a while

      Thanks

      Comment


      • #4
        Hello scriptcaser,

        I missed where you said that security=no. Sorry about that.

        1 & 2) What error are you getting when you login?

        Have you tried to clear your browser cookies and cache?

        regards,
        Bernhard Bernsmann

        Comment


        • #5
          I am also having the same issue with same situation. Some times after a while logged into project as authorized user, after a little while it seems as if the session auth variable disappears. It does not happen in SC6 but it does in my converted project to SC7. This only happens on converted apps, not apps built in SC7.
          Last edited by mstopkey; 02-09-2013, 11:36 AM.

          Comment


          • #6
            Hello mstopkey,

            I have reported this issue to our bugs team for further testing.

            regards,
            Bernhard Bernsmann

            Comment


            • #7
              Thanks Bernhard! I have done further testing and it seems to effect in certain browsers. Testing various browers and version. Will let you know.

              Comment


              • #8
                Bernhard,

                I you wish I will export my project and send it to you with login credentials for testing.
                I do have a couple of added variables to the login app as seen below.

                onScriptinit:
                sc_reset_apl_status();
                sc_reset_global ([usr_login], [usr_email], [usr_emp_id], [usr_name]);

                onValidate:
                $slogin = sc_sql_injection({login});
                $spswd = sc_sql_injection(md5({pswd}));

                $sql = "SELECT
                priv_admin,
                active,
                name,
                email,
                emp_id,
                name
                FROM sdh_sec_users
                WHERE login = $slogin
                AND pswd = ".$spswd."";

                sc_lookup(rs, $sql);

                if(count({rs}) == 0)
                {
                sc_log_add('login Fail', {lang_login_fail} . {login});
                sc_error_message({lang_error_login});
                sc_error_exit();
                }
                else if({rs[0][1]} == 'Y')
                {
                $usr_login = {login};
                $usr_priv_admin = ({rs[0][0]} == 'Y') ? TRUE : FALSE;
                $usr_name = {rs[0][2]};
                $usr_email = {rs[0][3]};
                $usr_emp_id = {rs[0][4]};
                $usr_name = {rs[0][5]};
                sc_set_global($usr_login);
                sc_set_global($usr_priv_admin);
                sc_set_global($usr_name);
                sc_set_global($usr_email);
                sc_set_global($usr_emp_id);
                sc_set_global($usr_name);
                }
                else
                {
                sc_error_message({lang_error_not_active});
                sc_error_exit();
                }

                I did this to allow for employee created records to be automatically assigned to them.

                One question, should the login vars be set as SESSION in the scope?

                Mark Stopkey

                Comment


                • #9
                  Actually not. Just the default configurations should work properly. But you may set as SESSION as an attempt to fix the issue.

                  Just to be sure that we aren't missing anything:

                  1 - Have you followed this tutorial? http://forum.scriptcase.net/showthre...rcecode-SOLVED

                  2 - How is the session timeout configuration on your php.ini?

                  regards,
                  Bernhard Bernsmann

                  Comment


                  • #10
                    I will check these.

                    Thanks
                    Mark Stopkey

                    Comment


                    • #11
                      I'm having the same problem with SC V6.
                      Bernhard, you are talking about "session.gc_maxlifetime" ? mine is set to 1440.

                      Comment


                      • #12
                        Ok. Mine is a different issue. After logging into the application (running on dev environment) (ScriptCase is running on Linux) at random times, when I click on an application link, I get "Unauthorized User". Of course if I disable security on that app while staying logged into the app, I can access it. What gives?

                        Comment


                        • #13
                          Hello guys,

                          Thanks for the feedback. I will pass it to our bugs team.

                          regards,
                          Bernhard Bernsmann

                          Comment


                          • #14
                            (Solved)

                            Ok, Got my problem with this fixed. I did not give the user groups access to index.php. Enabled this and all works now.

                            Mark

                            Comment


                            • #15
                              Found our problem. User group had no access permission on index.php.

                              Comment

                              Working...
                              X