Custom authentication with parameterized queries?

Didi71 · November 25, 2014, 7:50am

Hello everybody.

We have one project with several users, three roles (“operator”, “supervisor” and “admin”) and at least six clients (touch panels) installed around our plant.
We have successfully implemented the custom authentication by querying our SQL server, and all seems to working fine.
But recently our customer requires the following improvement: each operator must have different privileges depending on the client with which you logged in, but using the same username and password.
The database custom authentication allows to write custom queries to define users, roles and so on; but – we believe – is not possible to parameterize those queries.
How is possible to involve the host name (or IP or MAC address) in the security system?

Thanks in advance.

Diego.

Robert · November 25, 2014, 3:58pm

Create a shell project for the users to log into. It’s sole purpose would be to obtain the users credentials and workstation id. Based on this information, a look up is done for the correct username to use and then they are re-targeted to the real project.

The real project is removed from the homepage so uses don’t bypass the new security shell project.

greg.simpson · November 25, 2014, 7:51pm

Roberts suggestion is the way to go.

thanks Robert