These forums are read-only and considered to be an archive. Please use the new Community for future interaction and posts.

Pass-through login on FileVista 4.1

Hello,
i'm trying to use Pass-through login with filevista 4.1.
I've integrated FileVista in our company intranet and i'd like that internal people could log in directly from our intranet home page.
So i've followed all the instructions found in this topic: http://www.gleamtech.com/support/forums/2925/pass-through-login
I've double checked all the code and i'm pretty sure i've followed every single step but i can't have the pass-through login working. The cookie is created but when i click on the link to FileVista i get the login page. Maybe the istructions are only referred to 3.2 and there's something different now with 4.1. I've noticed that the filevista.config already contains a applicationkey value.
I'm using classic asp, here is my code to create cookie (md5 is found on the net):


'This is the key from my FileVista.config 
applicationKey = "FC37EBF0410BF303EE525F462F24951AF91B6CDC0BF56D8ED25B3D06F7D685B8"

'I'm trying to login as admin but later i'll put here the username of the user logged on the intranet
userName = "admin"

Response.Cookies("FileVista.ExternalUser")("name") = userName
Response.Cookies("FileVista.ExternalUser")("hash") = md5(userName + applicationKey)
Response.Cookies("FileVista.ExternalUser").Path = "/"
Response.Cookies("FileVista.ExternalUser").Expires = Now() + 1


If i run this code in a test page the cookie is created but if i try to go to filevista web site (http://myserver/filevista) i get the login page asking user and password. Please help me out, i don't want that people already logged on the intranet have to login again to FileVista.

Thanks for any advice.

Michele
Michele 3/16/2011 6:13 AM
Your classic ASP code seems correct, ie. it seems to be setting the cookie correctly but for which domain? You should set the cookie at the same domain as FileVista so that it can see your cookie. You can not set cookies across domains. I mean if FileVista is installed at http://myserver/filevista then your cookie setting page should be run under the same domain such as http://myserver/setcookie.asp.

If the cookie was actually seen by FileVista and the user name or hash was wrong, you would have at least received an error like "Login failed for External User" instead of the login page.

Let me know.
Cem Alacayir 5/6/2011 6:19 AM
I'm really glad to read you Cem!
The cookie setting page is run on the same domain: all the intranet is on the same domain.
I run http://myintranet/setcookie.asp and after it i redirect to http://myintranet/<filevista folder>

I've also tracked down the cookie folder on the profile of the computer i'm using for testing purpose and all seems to be created in the right way.
But if I run che setcookie.asp page and then move to filevista folder, i don't get any error or messages. Just the filevista login page asking for user and password (or only for password if i delete all the cookie).
I've also tryied to insert a wrong hash to see if an error was displayed, but nothing :(

Maybe it's the md5 found on the net? But at least an error message should be displayed.
I was thinking about creating the cookie with .net page but it seems a little tricky couse all the intranet is still on classic asp.
Let me know what you want me to try.
Michele 5/6/2011 6:53 AM
The problem seems that the browser does not send the set cookie for some reason. I recommend you to examine the request and response headers with Firebug (Firefox) or Fiddler (IE) after you call setcookie.asp and redirect to FileVista.

You should see a set-cookie header like this in the response (server) header when you call setcookie.asp:

Set-Cookie: ExternalUser=name=admin&hash=f0b10931e58c7c553a1e59f81409b462; expires=Sat, 07-Aug-2011 15:03:17 GMT; path=/

You should see a cookie header like this in the request (client) header when you redirect to FileVista (call login.aspx):

Cookie: FileVista.ExternalUser=name=admin&hash=f0b10931e58c7c553a1e59f81409b462

Only if you see this header, you can make sure that the browser is actually sending the cookie with the request.
By the way I noticed that you are setting the cookie with an expiration date:

Response.Cookies("FileVista.ExternalUser").Expires = Now() + 1

Please comment out this line or set a further date. Maybe there is some time difference between the client and server so the cookie expires at the same time you set it.

Note that there is another subkey in the cookie named FileVista.RememberedUser which is used for "Remember me" feature. That's why when you deleted all the cookies, the login page asked for both user name along with password. This subkey is unrelated to the pass-through feature.
Cem Alacayir 5/6/2011 8:14 AM