Hi All
We are working on some new weblink integration, posting files to LF and creating weblink-URLs for remote clients to access documents via our client portal.
By default workflow creates a simple weblink URL:
e.g.: http://pgc-lfsweb/WebLinkDirect/DocView.aspx?dbid=0&id=2285235
This works fine, however we are using a passive login for this weblink instance and the client can load other documents by randomly changing the ID number, which is less than secure. We do not want the weblink users to have to login, just click the link and the documents loads in the weblink webpage. Weblink9 supports a preset login/pwd, but any other valid IDs can pull documents that are not for "that" client.
So we also added a GUID on this link, which helps to some degree:
-- this secures the ID a bit better, but if the user removes the GUID from the link, the ID can be changed same as above, leaving the GUID secures the ID value, meaning changing the ID but not the guid, fails.
I have been through the documentation, and we have played with some other ideas but so far nothing solid.
What I would like is - using just the GUID to retrieve the document.
http://pgc-lfsweb/WebLinkDirect/DocView.aspx?dbid=0&guid=18ba4885-5016-4abf-96db-34f94cdf8864
Any suggestions?