Please enable JavaScript to view this site.

Navigation: Using ASPRunnerPro > Security

PHPrunner32x32     ASPRunnerPro manual


Security screen

Scroll Prev Next More

Security settings

The Security screen is a tool to help you restrict access to the database in the generated app.

security_page

 

You can choose one of the following options:

 

No Login - there is no authentication. Everyone can access and edit the database.

 

Hardcoded - set the only login/password combination which grants access to the database.

 

Database - choose this method if you store username/password combinations in your database. In this case, you need to select the database table with the user data and choose the fields that store usernames, passwords, and full names. Full name content is displayed in the Logged as <> phrase after successful Login.

 

If you wish to display additional information in the Logged as <> phrase, use AfterSuccessfulLogin event to add a custom code. For example:

 

SESSION("UserName") = data("FirstName")&" "&data("LastName")

 

You can create a new table to store user login info by clicking Create new, and add new users to the selected table by clicking Add user.

 

The Database login page has the Add Login with Facebook option. See Facebook connect to learn more.

 

Active Directory - this option allows working with user data stored in the Active Directory. For more information, see Active Directory.

security_active_directory

 

yellowbulbNote: the Active Directory option is only available in the Enterprise edition. See Editions comparison to learn more.

 

With active authentication, ASPRunnerPro generates an additional ASP page called Login.

 

Here is how it looks like in the generated app:

security_login_page

 

yellowbulbNote: users can select the Remember me checkbox to store their session data in the cookies. This way, the user stays authenticated for as long as the cookies are relevant or active.

 

Additional options

The additional Security options are located on the right:

 

When using authentication, you can set the Login form appearance.

 

Registration and passwords option allows you to create and set up the user registration, password reminder, and change password pages.

 

yellowbulbNote: if you need to customize the email templates that are sent when a new user is registered, use the Email templates option.

 

Use Locking and Audit to set up record locking and user actions logging.

 

Use Encryption to encrypt important data in the database.

 

Use the Session keys option to enable a single logon for multiple projects.

 

If the Database or Active Directory option is selected, you can set Advanced Security Settings and define Permissions.

 

You can set up the Two-factor authentication with the Database option.

 

Scenarios for configuring security options

"One or several persons with the same access rights have access to the site".

 

Use the Hardcoded option.

 

"There is a single owner (administrator) with full access. Other users (guests) have read-only access to some pages/reports/charts".

 

Use the Database option, enable guest login in the Advanced security settings, configure the access for guests in the User group permissions.

 

"There are many users with different access levels and administrators with full access".

 

Use the Database option, configure Advanced security settings if you need to restrict access for each table, configure User group permissions to assign table level permissions, configure Admin group for administrators.

 

"All user account data is stored in the Active Directory".

 

Use the Active Directory option.