RSS Feed
Knowledgebase : Visual Guard > Authentication features > User name/Password Authentication
Does your product rely on or use the Dotnet integrated membership and role mechanisms (a.k.a. ASP.NET Membership)?Visual Guard .Net is compatible with ASP.Net membership. It replaces and extends this mechanism. If you already have users defined with another provider, you can import them in Visual Guard repository provided it supports Password Retrieval. (otherwise passwords would be lost).
We have several web applications, and some of them are connected to each other. We would like "user A" to be able to access application 1 and "user B" to be able to access application 1 and 2 with the same login. Can we do that with Visual Guard .Net?Visual Guard .Net allows you to secure all of your applications in one security repository. Then you define which user is allowed to access what in your application. So you can definitely have a "user A" accessing only application ...
Is it possible to extend the number and type of credentials used for authentication? For example can we use a custom code in addition to username/password?You can choose to bypass VG authentication features and manage the authentication with you own code. Then, you will pass along the information "user XXX is authenticated" to Visual Guard. VG will then apply the permissions and roles granted to this account. Visual Guard - Version 3.1.911.5
We want the application to start up with this anonymous user (role) and then when a button is clicked this will prompt the user for a login and pwd so they can switch to a user.I confirm you can do that with VG. The process will be the following: - You do NOT put the the ‘login form’ when the application start up - You load the security for the role anonymous executing the following method: : “LoadAnonymousSecurity” - When a button is clicked you will get a login form asking for login and password. Visual...
Another question is users are unique to a repository and not across multiple repositories. Is this correct?Users are managed at repository level, but nothing prevents you to use the same user account in two different repositories. Visual Guard .Net ‘deployment option’ even allows you to replicate a user account list in several repository. (right click on the repository and select ‘Deploy repository’). This option enables you to copy some or all the information of a repository A in a repository B, including...
One question I have about your user management features. I haven’t come across any password rules that are configured and enforced by VG. Is this true?If you use Visual Guard .Net proprietary form-based authentication, you define password policy with a dedicated wizard (Right click on the repository and select ‘Edit password policy’). Concerning the users, Visual Guard .Net can : - Integrate with Active Directory and reuse Windows accounts (in this case the credentials are in Active Directory and we take...
I already have tables with users and their roles. Can Visual Guard tie into existing user/role structure?Visual Guard has its own tables to store users and roles. You can't use your tables. It is possible to import your users in Visual Guard tables. To do that, you must use MemberShip API provided by Visual Guard. This API allow you to create users and grant roles to users. If you need to keep your own table, you can add a relationship between the GISAccount table and the table containing users defined in...
Can Visual Guard .Net reuse our own authentication mode to allow single sign-on?It is possible with some code. during the integration, you have to add the equivalent of the "run as". The use of the SSO process may also imply some code changes in order to adapt Visual Guard .Net. It is sometimes necessary to modify the application in order to be able to apply the permissions. Once the integration of Visual Guard is done, you do not need the code of the application any more to manage the users and ...
What if you wanted to trigger some other behaviour like display a message box saying they were not authorized to use an application at all and then close down the application. Is it possible to support that sort of functionality as well?With Visual Guard .Net, any interaction with the application is possible. The only question is : how automated is it ? Does is require some coding or does Visual Guard .Net provide a ready-to-use feature for that ? In the above example, you can use your own login window and ...
What is available in the Password Policy Editor to edit? If you use AD authentication, VG will take into account the password policy defined in AD. If you choose Username/ password authentication (VG accounts) you will be able to define a complete password policy, e.g special characters, validation rule, password expiration date… Visual Guard
Does Visual Guard impose a password standard? Are there restrictions? It is possible to define a password policy. You can define the minimum password length, the number of non alphanumeric characters or use a regular expression that will increase the check system (for instance at least one capital character, one small character, and at least a figure). It is also possible to indicate that users' former passwords can not be used again. Another option is to force the user to change his password every ...
Is it possible to delimit to 3 the number of tries for the log? Yes it is, you can specify the number of wrong connections before the account is blocked. The password policy is defined by the VG console. To access the policy modification window you have to be connected to the repository. Then right-click in repository and choose the option "Edit Password Policy…" Visual Guard
Where is the user password registered? If you are using the Visual Guard .net authentication mechanism the password is registered in the repository. The password is then stored after being encrypted in an irreversible way (use of the algorithm SHA256). But it is also possible to use other authentication mechanisms, like the Windows one, in that case the password will then be stored and administrated in the Active Directory. The VG console automatically reads users from the Active Directory so there i...
Can we set up one Password policy per repository? Yes. The Password policy is defined at the repository level. To define the password policy, select a repository, go in the menu Option/Edit password Policy. Visual Guard
What is the use of grace logins ? When you change the password policy, all the passwords need to be changed. This process may take some time. Grace logins allow you to define how many time users can connect to the application with their former password even if they do not comply with the new policy. Visual Guard
Help Desk by Novalys