p2p.wrox.com Forums

Need to download code?

View our list of code downloads.


  Return to Index  

proasp_codeclinic thread: Switch user with windows integrated security


Message #1 by Patrick Mair <pmair@e...> on Thu, 14 Nov 2002 11:02:13 -0500
All I get is "yay!" everytime.  My session variable won't hold when that
Response.Status is there.  If I comment out the Response.Status line I get a
blank screen c/o the Response.End.

"Ken Schaefer" <ken@a...> wrote in message
news:<238700@p..._codeclinic>...
> 
> Hi Patrick,
> 
> Can you try the following please?
> 
> <%
> If Session("switch") = True then
>     Response.Status = "401 Not Authorized"
>     Session("switch") = False
>     Response.End
> Else
>     Response.Write("yay!")
> End If
> %>
> 
> (in conjunction with your existing logout.asp page).
> 
> Cheers
> Ken
> 
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> From: "Patrick Mair" <pmair@e...>
> Subject: [proasp_codeclinic] FW: Switch user with windows integrated 
> security
> 
> 
> : To follow this up a bit, I changed the code on my default.asp page 
> to look
> : like this:
> :
> : <%
> : if Session("switch") = true then
> : Response.write "If Switch: " & Session("switch")
> : Session("switch") = false
> : Response.Status = "401 Unauthorized"
> : else
> : Response.Write "Else Switch: " & Session("switch")
> : end if
> : %>
> :
> : So that it will tell me what my session variable is holding, which
should
> be
> : set in the page logout.asp which looks like this:
> :
> : <%
> : Session("switch") = true
> : Response.Redirect("/")
> : %>
> :
> : As it's written, the response write gives me 'Else Switch: False' every
> : time.  But as I mentioned before, when I comment out the Response.Status
> I'm
> : getting 'If Switch: True'.
> :
> : Patrick
> :
> : "Patrick Mair" <pmair@e...> wrote in message
> : news:<237765@p..._codeclinic>...
> : >
> : > Thanks for helping me out with this Ken, it's really appreciated.
> : >
> : > The behaivior I see now is... No popup dialog.  I can't understand why
> : > it isn't working.  I do see the response.writes as well.  But here's
> : > the weird part; if I leave everything coded as it is below, I see 'hi
> : > dude'.  If I comment out the response.status I see 'bye dude'.  Almost
> : > as if the response.status is affecting the value of my session
> : > variable...
> : >
> : > Patrick
> : >
> : > "Ken Schaefer" <ken@a...> wrote in message
> : > news:<237483@p..._codeclinic>...
> : > >
> : > > Hi Patrick,
> : > >
> : > > I'm not sure what it is that you can't do...
> : > > As I see it what should happen (from your code) is:
> : > >
> : > > a) Login dialogue box should pop-up.
> : > > b) You enter valid credentails of some kind (note that the
> : > > Response.Write("Bye Dude") will never be seen - you can't write HTTP
> : > > content with a HTTP 401 header)
> : > > c) You will see the text "yay!"
> : > >
> : > > Note: if you are running this against http://localhost the behaviour
> : > > might be different - IE may "auto logon" when it encounters the 401
> : > > Header because http://localhost is in one of the trusted zones, and
it
> : > > automatically sends your current credentials...not sure about this,
> : > > you may need to to check.
> : > >
> : > > What is the behaviour that you are seeing?
> : > >
> : > > Cheers
> : > > Ken
> : > >
> : > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> : > > From: "Patrick Mair" <pmair@e...>
> : > > Subject: [proasp_codeclinic] Re: Switch user with windows integrated
> : > > security
> : > >
> : > >
> : > > I haven't been able to get this to work properly.  I created a page
> : > > called logout.asp, which is linked from all my pages, and it looks
> : > > like this:
> : > >
> : > > <%
> : > > Session("switch") = true
> : > >
> : > > Response.Redirect("\default.asp")
> : > > %>
> : > >
> : > > Then near the top of default.asp I wrote this:
> : > >
> : > > <%
> : > > if Session("switch") = true then
> : > > Session("switch") = false
> : > > response.write "bye dude"
> : > > response.status = "401 Not Authorized"
> : > > else
> : > > response.write "hi dude"
> : > > end if
> : > > %>
> : > >
> : > > But I still can't get it working -- I've commented out both the
> : > > .write's just in case they were interfering but that did not help.
I
> : > > can't hit the true condition with the .status in there, yet as soon
as
> : > > I take it out I CAN hit it.  I tried doing this with a querystring
as
> : > > well, the problem there being that I couldn't remove the querystring
> : > > like I can set the session variable in the conditional construct
> : > > without a .redirect, which would overwrite the .status.
> : > >
> : > > Is setting the status to 401 the ONLY way to popup the login dialog,
> : > > because I'm beginning to worry that I cannot achieve what I want to
do
> : > > using it.
> : > >
> : > > Patrick
> : > >
> : > > ------->
> : > >
> : > > How about something like:
> : > >
> : > > <%
> : > > Session("ReLoggedOn") = False
> : > >
> : > > If Session("ReLoggedOn") = False then
> : > > Response.Status = "401 Not Authorized"
> : > > Response.End
> : > > Else
> : > > Session("ReLoggedOn") = True
> : > > Response.Write("yay!")
> : > > End If
> : > > %>
> : > >
> : > > You need the conditional construct (If...Then...End If) because
> : > > Response.Redirect sets a HTTP 302 Object Has Temporarily Moved
header
> : > > which is over-writing your Response.Status = "401 ..." header...
> : > >
> : > > Cheers
> : > > Ken
> : > >
> : > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> : > > From: "Patrick Mair" <pmair@e...>
> : > > Subject: [proasp_codeclinic] Switch user with windows integrated
> : > > security
> : > >
> : > >
> : > > : I'm using integrated windows security on my intranet - I'd like to
> : > > be able
> : > > : to put in a button or link that would allow the user to change
> : accounts
> : > > (log
> : > > : in as someone else) so the link would popup the
> login/password/domain
> : > box
> : > > : and then return the user to the page they clicked the link from
> : > > with the new
> : > > : credentials.
> : > > :
> : > > : I can set response.status = "401 Unauthorized" and get the login
> : > > dialog, but
> : > > : if I put a response.redirect or anything after the
> : > > response.status, the page
> : > > : seems to skip over the response.status and never popup the dialog.
> : > > Has
> : > > : anyone done something similar to this before? Thoughts on how I
> should
> : > go
> : > > : about setting it up?
> : > >
> : > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> : > >
> : > >
> : > > ---
> : > > Change your mail options at http://p2p.wrox.com/manager.asp or to
> : > > unsubscribe send a blank email to 
> : > >
> : > >
> : > >
> : >
> : >
> :
> 
> 
> 

  Return to Index