View Single Post
 
Old November 13th, 2014, 09:38 AM
stephen.lunt stephen.lunt is offline
Registered User
Points: 5, Level: 1
Points: 5, Level: 1 Points: 5, Level: 1 Points: 5, Level: 1
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Nov 2014
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Default Security (Chapter 13 pages 526-527)

I am having trouble enabling a user to access the web app through a client db using the suggested Blowfish algorithm. I have the sharepoint list set up and records are generated and updated as expected - obviously I can't tell if the Token field is correct but it changes value when access has been granted by the administrator.
On running the function CheckAccess(), after the user's status has changed to "Token Provided" and the Token field updated in the sharepoint list, the dialog box asking for the web app connection details of UID and PWD appears: if supplied, the function runs and the web app tables are correctly linked. Alternatively, if I hard code those values in as the strToken value immediately before CheckConnection function runs, the linked web app tables can again be opened in the client.
If I Debug.print strToken immediately before the CheckConnection function I get a series of question marks so am unsure what string is being passed into the CheckConnection function.
Has anyone else had this problem and if so how was it solved? Thank you.

Since posting the above, I have made two changes to my code in order to reduce the number of encryptions. When the administrator grants access to the user, the sharepoint list field of "Key" is now used to initiate the Blowfish algorithm which matches the Key used in first initialisation in the Function CheckAccess: this removes the need for the second initialisation process.

As a result, when I debug.print strToken, I am getting most of the UID decrypted correctly (upto exte of externalwriter) and then gibberish for the rest of the UID and for all the PWD. Is there a limit to the number of characters that can be encrypted/decrypted correctly?

I have altered the CheckAccess() Function as follows:
Code:
Case "Token Provided", "Access Granted"
                'bytToken = GetUserName
                'bytToken = blf_BytesEnc(StrConv(bytToken, vbFromUnicode))
                'blf_Initialise _
                    StrConv(bytToken, vbFromUnicode), _
                    LenB(StrConv(bytToken, vbFromUnicode))
                strToken = blf_BytesDec(rs.Fields("Token").Value)
                strToken = StrConv(strToken, vbUnicode)
                Debug.Print strToken
and the GrantAccess(ID As Long) Function:
Code:
If Not (rs.BOF And rs.EOF) Then
blf_Initialise StrConv(rs.Fields("Key").Value, vbFromUnicode), LenB(StrConv(rs.Fields("Key").Value, vbFromUnicode))

Last edited by stephen.lunt; November 13th, 2014 at 11:01 AM.. Reason: update