Recent Posts
1
Web Server - Ask For Help / Re: Anyone have passkeys implemented
« Last post by seanh on November 18, 2025, 10:20:46 PM »Secwin 7 has something akin to this. It allows you to logon once and get a token so you don't need to login again for n days.
It also has a number of other authentication methods I haven't tried.
It also has a number of other authentication methods I haven't tried.
2
Web Server - Ask For Help / Re: Anyone have passkeys implemented
« Last post by Jane on November 18, 2025, 06:11:25 PM »Not real passkeys.
What I have implemented on a few internal apps is use of a one-time token.
Somebody is logged into a SQL report server and part of running certain reports generates a GUID token in a SQL database. The table has an expiration date/time.
They can then link from the report server to one of my internal web apps with a URL that passes that token and specifies an internal "Connect" netWebPage.
The webHandler has an overload of p_web.Authenticate that just has a single parameter for pBearerToken.
That version of the method validates the token against the list in SQL. If valid, then it falls into my code for setting permissions and stuff just like a regular name/password login.
I'm sure there are more elegant options for passing the token.
What I did is
1. Create a NetWebPage which I call Connect
2. In the Connect page, there's a local variable
_token STRING(40)
3. In the Connect page, shortly after the CODE statement, I have the following code:
theWebAppURL/Connect?c=[THE TOKEN VALUE]
This was quicker to throw together for an internal app, rather than trying to come up with a correct implementation of basic authentication. But regardless of how you snag the token that's passed to you, you can use the pBearerToken version of p_web.Authenticate.
What I have implemented on a few internal apps is use of a one-time token.
Somebody is logged into a SQL report server and part of running certain reports generates a GUID token in a SQL database. The table has an expiration date/time.
They can then link from the report server to one of my internal web apps with a URL that passes that token and specifies an internal "Connect" netWebPage.
The webHandler has an overload of p_web.Authenticate that just has a single parameter for pBearerToken.
That version of the method validates the token against the list in SQL. If valid, then it falls into my code for setting permissions and stuff just like a regular name/password login.
I'm sure there are more elegant options for passing the token.
What I did is
1. Create a NetWebPage which I call Connect
2. In the Connect page, there's a local variable
_token STRING(40)
3. In the Connect page, shortly after the CODE statement, I have the following code:
Code: [Select]
_token = p_web.GetValue('c')
IF p_web.Authenticate(_token)
p_web.Script('window.location.replace("/IndexPage");')
ELSE
p_web.Script('window.location.replace("/LoginForm");')
END ! if 4. My SQL report has a link to pass the token to the web app theWebAppURL/Connect?c=[THE TOKEN VALUE]
This was quicker to throw together for an internal app, rather than trying to come up with a correct implementation of basic authentication. But regardless of how you snag the token that's passed to you, you can use the pBearerToken version of p_web.Authenticate.
3
Web Server - Ask For Help / Anyone have passkeys implemented
« Last post by rjolda on November 18, 2025, 02:47:01 AM »Hi
NT 14.31 C11
I am looking into implementing passkeys for secure access to my APP. Has anyone done any work with these or have any insights?
Thanks,
ROn
NT 14.31 C11
I am looking into implementing passkeys for secure access to my APP. Has anyone done any work with these or have any insights?
Thanks,
ROn
4
Web Server - Ask For Help / Webserver and secwin 7 Logout with default deny
« Last post by seanh on November 17, 2025, 09:23:34 PM »My project uses secwin 7 for security. Works well except in one circumstance. The logout button.
This button which is part of the main menu calls SecwinLogoutWeb procedure and should be visable to everyone once logged in.
All users are a part of one or more secwin groups, the groups have a default action of deny. So everyone is stopped from doing thing except for those we allow. Unfortunatly this appears to also affect the logout.
How do I tell the app to always allow access to this particular procedure? I can't find a combination to acheive this.
This button which is part of the main menu calls SecwinLogoutWeb procedure and should be visable to everyone once logged in.
All users are a part of one or more secwin groups, the groups have a default action of deny. So everyone is stopped from doing thing except for those we allow. Unfortunatly this appears to also affect the logout.
How do I tell the app to always allow access to this particular procedure? I can't find a combination to acheive this.
5
Web Server - Ask For Help / Re: session values in NetWebService not visible???
« Last post by rjolda on November 14, 2025, 03:45:55 AM »HI Jane,
I did some reading and evaluating. WHile I could put it in Host Value by Transaction number, e.g. SetHostValue('mytransactionNumber', 'data for transaction'), I am not sure that this is ever cleared.. Worse to run out of memory than to have a few extra database reads! So, I am going back to checking my file.
Ron
I did some reading and evaluating. WHile I could put it in Host Value by Transaction number, e.g. SetHostValue('mytransactionNumber', 'data for transaction'), I am not sure that this is ever cleared.. Worse to run out of memory than to have a few extra database reads! So, I am going back to checking my file.
Ron
6
Web Server - Ask For Help / Re: session values in NetWebService not visible???
« Last post by rjolda on November 14, 2025, 03:21:28 AM »hi Jane,
Last night I realized that the API client-NetWebService may have a different Session ID than the NT member procedure and the NetWebService. I had ruled out spelling and clearing the values and I know that they were written correctly in the WebService procedure. The only thing is the SesionID. May look at Set Host Value.....
Thanks,
Ron
Last night I realized that the API client-NetWebService may have a different Session ID than the NT member procedure and the NetWebService. I had ruled out spelling and clearing the values and I know that they were written correctly in the WebService procedure. The only thing is the SesionID. May look at Set Host Value.....
Thanks,
Ron
7
Web Server - Ask For Help / Re: session values in NetWebService not visible???
« Last post by Jane on November 13, 2025, 07:28:57 PM »Any time I've experienced such a thing, it's due to something that i screwed up.
Possibilities I can think of
1. Spelling error (compiler will not catch those for session values)
2. You're not in the same session that you think you're in
3. Something has changed or cleared the session value between when you set it and when you're trying to read it.
Some well-placed debug statements will show you the SessionID when you're setting and when you're trying to read.
If the values you're checking are not part of a specific session, try using SetHostValue instead.
Possibilities I can think of
1. Spelling error (compiler will not catch those for session values)
2. You're not in the same session that you think you're in
3. Something has changed or cleared the session value between when you set it and when you're trying to read it.
Some well-placed debug statements will show you the SessionID when you're setting and when you're trying to read.
If the values you're checking are not part of a specific session, try using SetHostValue instead.
8
Web Server - Ask For Help / Net Refresh
« Last post by rjolda on November 13, 2025, 04:19:50 PM »HI
NT 14.31 C11
I want to watch a table to see if it is refreshed. This works automagically with the Templates for a Browse.
However, When my NetWebServiceMethod makes changes to a File. e.g "SHOPS.TPS', when I have other procedures watching the file, they update immediately.
Now, I want to watch the "SHOPS.TPS" with another procedure to see if the record has been updated. It is NOT a BROWSe or Form. It is HandCoded. So, how can I check in code if the "SHOPS.TPS" file has been updated (by checking the Socket value somehow?) so that I know to read the File and grab the new values in my hand code procedure.
Looking at this as an alternative to p_WEB.GSV('Somevalue') set by the NetWebServiceMethod does not appear to the other procedures in my app.
Thanks,
Ron
NT 14.31 C11
I want to watch a table to see if it is refreshed. This works automagically with the Templates for a Browse.
However, When my NetWebServiceMethod makes changes to a File. e.g "SHOPS.TPS', when I have other procedures watching the file, they update immediately.
Now, I want to watch the "SHOPS.TPS" with another procedure to see if the record has been updated. It is NOT a BROWSe or Form. It is HandCoded. So, how can I check in code if the "SHOPS.TPS" file has been updated (by checking the Socket value somehow?) so that I know to read the File and grab the new values in my hand code procedure.
Looking at this as an alternative to p_WEB.GSV('Somevalue') set by the NetWebServiceMethod does not appear to the other procedures in my app.
Thanks,
Ron
9
Web Server - Ask For Help / session values in NetWebService not visible???
« Last post by rjolda on November 13, 2025, 02:20:25 PM »Hi
NT 14.36 C11
I have a NetWebService and it has p_web as the parameter.
I set some sessionValues. p_Web.SSV('Someitem','one') in the NetWebService procedure.
I have another Net Talk procedure ( actually a Memform not on a table). I am trying to read the values set by the NetWebService procedure.
e.g. in my Memform procedure, I want to check these values periodically. However my p_Web.GSV('Someitem') is ALWAYS blank - even after I see that my NetWebService procedure has set them using Trace statements.
YIKES - these should be working as they are part of the same session.....
Any ideas?
Thanks,
Ron
NT 14.36 C11
I have a NetWebService and it has p_web as the parameter.
I set some sessionValues. p_Web.SSV('Someitem','one') in the NetWebService procedure.
I have another Net Talk procedure ( actually a Memform not on a table). I am trying to read the values set by the NetWebService procedure.
e.g. in my Memform procedure, I want to check these values periodically. However my p_Web.GSV('Someitem') is ALWAYS blank - even after I see that my NetWebService procedure has set them using Trace statements.
YIKES - these should be working as they are part of the same session.....
Any ideas?
Thanks,
Ron
10
Web Server - Ask For Help / Re: Use DRAW to Create QR Code in NT app?
« Last post by rjolda on November 02, 2025, 05:41:29 PM »Hi,
Found that this requires .Net Framework 3.5. I have it on my machines but I am running my app on WIndows 2022 Server and you have to jump through hoops to put it on a Server.
Ron
Found that this requires .Net Framework 3.5. I have it on my machines but I am running my app on WIndows 2022 Server and you have to jump through hoops to put it on a Server.
Ron