Wrox Programmer Forums
BOOK: Professional Access 2013 Programming
This is the forum to discuss the Wrox book Professional Access 2013 Programming by Teresa Hennig, Ben Clothier, George Hepworth, Dagi (Doug) Yudovich; ISBN: 978-1-118-53083-2
Welcome to the p2p.wrox.com Forums.

You are currently viewing the BOOK: Professional Access 2013 Programming section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
Old November 13th, 2014, 09:38 AM
Registered User
Join Date: Nov 2014
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Default Security (Chapter 13 pages 526-527)

I am having trouble enabling a user to access the web app through a client db using the suggested Blowfish algorithm. I have the sharepoint list set up and records are generated and updated as expected - obviously I can't tell if the Token field is correct but it changes value when access has been granted by the administrator.
On running the function CheckAccess(), after the user's status has changed to "Token Provided" and the Token field updated in the sharepoint list, the dialog box asking for the web app connection details of UID and PWD appears: if supplied, the function runs and the web app tables are correctly linked. Alternatively, if I hard code those values in as the strToken value immediately before CheckConnection function runs, the linked web app tables can again be opened in the client.
If I Debug.print strToken immediately before the CheckConnection function I get a series of question marks so am unsure what string is being passed into the CheckConnection function.
Has anyone else had this problem and if so how was it solved? Thank you.

Since posting the above, I have made two changes to my code in order to reduce the number of encryptions. When the administrator grants access to the user, the sharepoint list field of "Key" is now used to initiate the Blowfish algorithm which matches the Key used in first initialisation in the Function CheckAccess: this removes the need for the second initialisation process.

As a result, when I debug.print strToken, I am getting most of the UID decrypted correctly (upto exte of externalwriter) and then gibberish for the rest of the UID and for all the PWD. Is there a limit to the number of characters that can be encrypted/decrypted correctly?

I have altered the CheckAccess() Function as follows:
Case "Token Provided", "Access Granted"
                'bytToken = GetUserName
                'bytToken = blf_BytesEnc(StrConv(bytToken, vbFromUnicode))
                'blf_Initialise _
                    StrConv(bytToken, vbFromUnicode), _
                    LenB(StrConv(bytToken, vbFromUnicode))
                strToken = blf_BytesDec(rs.Fields("Token").Value)
                strToken = StrConv(strToken, vbUnicode)
                Debug.Print strToken
and the GrantAccess(ID As Long) Function:
If Not (rs.BOF And rs.EOF) Then
blf_Initialise StrConv(rs.Fields("Key").Value, vbFromUnicode), LenB(StrConv(rs.Fields("Key").Value, vbFromUnicode))

Last edited by stephen.lunt; November 13th, 2014 at 11:01 AM.. Reason: update

Similar Threads
Thread Thread Starter Forum Replies Last Post
Problem with using ASP.NET Configuration (Chapter 19 Configuring Security: Ex 13) TJinWI BOOK: Beginning Visual C# 2012 2 April 17th, 2014 11:48 AM
Chapter 19 page 574 Configuring Security: Ex 13 dsequoias BOOK: Beginning Visual C# 2012 0 April 16th, 2014 12:07 PM
Security Problem on Pages tedr BOOK: ASP.NET 3.5 Enterprise Application Development with Visual Studio 2008: Problem Design Solutio 3 March 27th, 2009 01:43 PM
Properties of Login control (p. 526) roman BOOK: Beginning ASP.NET 3.5 : in C# and VB BOOK ISBN: 978-0-470-18759-3 7 June 24th, 2008 04:28 PM

Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.