PDA

View Full Version : Recognize windows username and password to display the treemenu links using extjs 4



shilpa_bk
12 Aug 2012, 7:25 AM
I am new to snecha. In my project i am supposed to build a tree menu based on windows domain username and password of a respective user using the system. example: windows username :john,password:67777
then the treemenu in sencha should show certain links and hide certain links based on privelage.
Note: i should not build any login screen.

scottmartin
30 Aug 2012, 7:15 PM
This is a security issue and it not available from JS. You can use activeX (IE) and there are a few other ideas:

http://bytes.com/topic/javascript/answers/734314-windows-login-name-through-javascript
http://www.webmasterworld.com/javascript/3441878.htm
http://stackoverflow.com/questions/2968690/get-windows-username-with-javascript

Source: Google

Scott.

fschaeffer
30 Aug 2012, 9:24 PM
Hello,

first of all, you'll have to make sure, that all content is generated on server side (so your tree nodes should be called from server and this has to be the place where nodes are inserted or not, based on the users priveleges).

I usually do it like this in an intranet environment (all on PHP and Apache including mod_auth_sspi but I think the concepts remain the same):

- first page starts a session and looks for a stored username
-> found -> build tree (or do other stuff)
-> not found -> redirect to a subfolder which contains a .htaccess with directive require valid-user and authentication model SSPI
-> in the subfolder another PHP-scripts then starts the session, stores the derived username from $_SERVER['REMOTE_USER'] in the session and redirects back to the originating script.

From now on the username is stoerd in the session and can be used in your application (!Server side!). Don't even think about using this information on the frontend side as every user could easily switch your frontend variable (lets call it var isAdmin = false) by using firebug or the console....

Why redirect? The user won't notice the two redirects but you gain a lot of performance as the mod_auth_sspi otherwise would requery the domain-controller for every subsequent request.

If you need more code examples feel free to ask

HTH
Florian

friend
31 Aug 2012, 4:38 AM
For those who use a Windows Server environment and Java, check out Waffle (http://dblock.github.com/waffle/). Basically, it's a native Windows and Active Directory authentication API, including a Tomcat valve for Kerberos+NTLM.