View Single Post
  #13 (permalink)  
Old March 1st, 2012, 07:42 PM
vbboyd vbboyd is offline
Friend of Wrox
Points: 1,905, Level: 17
Points: 1,905, Level: 17 Points: 1,905, Level: 17 Points: 1,905, Level: 17
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: May 2011
Posts: 411
Thanks: 13
Thanked 7 Times in 7 Posts
Default Passwords

The situation is not set up like you do in your book. We don't let the employees log into the Employee Portal and set up their own passwords. Those are already provided and put in the database by the DBA. They just log in and use their Employee Names as a USERID and their EmployeeID's as their password. Then from there, I grab the EmployeeID# and put it in as parameter for a SQL query and that way I can find out which department they belong to and if they are department admins. That information then gets put into a Session object if they are department admins and if they are department admins then only certain web elements are made available to them. So in other words, if they are Admins then I do a if test and see if their session IDs say they are Admins and if they are they can see certain weblinks, buttons, drop down lists ect. Kind of similar to what you do in your book on pages 614 thru 616. I still haven't found out a way to do it differently so that you don't have to create 20 different user roles for 20 different departments other than capturing their Passwords and putting it into a parameter in a query and then finding out what department they belong to and if they are administrators or not.
Reply With Quote