View Single Post
  #12 (permalink)  
Old March 1st, 2012, 07:18 PM
vbboyd vbboyd is offline
Friend of Wrox
Points: 1,905, Level: 17
Points: 1,905, Level: 17 Points: 1,905, Level: 17 Points: 1,905, Level: 17
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: May 2011
Posts: 411
Thanks: 13
Thanked 7 Times in 7 Posts
Default We are not storing the password.

We are not storing the password we are storing the EmployeeID# which the Employees are using as their password to log onto the system. The database is already set up that way. So when they log on they first log onto the network system and then they log on to the Employee Portal, which they use their names and their EmployeeID# as their passwords. Only do Administrators for each department have read, write, and delete privileges in the Employee Portal. Everybody else has just read privileges. So once they log on and use their EmployeeID#'s as passwords on the Employee Portal, from there I can I find out which department they belong to and if they are department administrators for the Employee Portal or not. The problem is we have to verify them against the Employee Database first to find out which department they belong to and then what are their user privileges and then assign that to session objects which follow them around as they navigate from webpage to webpage. Not the best way to do things, I agree but if you know or suggest a better way to do it, then I am like an Iowa cornfield: I am all ears.
Reply With Quote