Validating a password using SpeedScript

Administration

WebSpeed Administration : WebSpeed Security : Authenticating a password using SpeedScript : Validating a password using SpeedScript

This section describes how to validate a password in WebSpeed by executing a simple authentication procedure based on username and password. In the procedure, authorization and password variables are passed using an environment variable as written in SpeedScript. To demonstrate the steps in this authentication process, this example is designed to validate the hard-coded value mypass. The Post method is used to protect the value of your password selection.

Note: The Get method is not recommended in this type of authentication process because it automatically displays the value of your password in your browser's URL field.

To modify this example to query a table that contains user and password information that must be verified:

1. Create a blank HTML file.

2. Enter the following code:

<html>
<head>
<title>Password Example</title>
</head>
<body>
<form method="post" action="val.html"
Enter Password:<input type="password" name="pass" value=""><br>
<input type="submit" name="action" value="process">
</form>
</body>
</html>

3. Save and close the file.

4. Create another blank HTML file and enter the following code:

<html>
<head>
<title>Password Page 2</title>
</head>
<body>
<script language="SpeedScript">
define variable pass as character.
If get-value("pass") = "mypass" then do:
{&out} "Accepted".
/*Could also run an .html or .r file from here, using the run statement.*/
end.
else do:
{&out} "Denied".
/*Could also redirect the user to an .html or .r file from here, using
the run statement.*/
end.
</script>
</body>
</html>

5. Close and save this second file with the filename val.html.

6. Run the first HTML file you created in Step 2.

The word Accepted appears to verify the acceptance and validation of the username and password values.