You are viewing limited content. For full access, please sign in.

Question

Question

Weblink Logins Information passed in a link

WebLink Integrations Laserfiche Version 8 Security
Updated May 30, 2019
asked on March 19, 2014

We have several application\websites where we want to share some laserfiche files, but each application has to have a different set of permissions. 

 

Is it possible to send the user to the proper laserfiche folder in weblink and not require them to log in, without using an anonymous login?  Some of the links are available to public on our extranet and some links are on our intranet.

 

For example, our MSDS application, I want to send them to the MSDS folder and only the MSDS folder using the Laserfiche Credentials MSDS:MSDS.  Also our Open Records application needs to send them only to the Open Records Folder with that particular Laserfiche Credentials.  These are just 2 examples where certain applications need access to certain folders of Laserfiche.

0 0

Answer

APPROVED ANSWER
replied on March 19, 2014

It is possible to configure autologin for the same repository as multiple users by simply creating additional repository connections and creating links with the corresponding database ID. However, that would then allow users to simply change the ID of the link to access the repository as a different users, so that may not be what you are looking for.

 

There is an old forum post about a similar question. The solution was to modify the WebLink project to take in credentials via URL and call Login() on the LoginInterface8 control using those credentials. Brian also suggested passing a cookie to WebLink instead of just putting the credentials in the URL in the case where your application is on the same domain as WebLink (to be more secure).

 

In short, there isn't a built-in way to just pass the credentials in a URL, but it is possible to create a custom solution.

2 0
replied on May 30, 2019

The old forum post is not accessible any more. It would be great if some one explains more about  "modify the WebLink project to take in credentials via URL and call Login() on the LoginInterface8 control using those credentials."

0 0

Replies

replied on March 19, 2014

It would be helpful to know more about how you intend for this to work.  It's great that you are going to leverage Laserfiche security, but as Brianna notes that doesn't usually combine very well with automatic login to a shared account.  Are you concerned about users sharing or guessing the URLs?  You could audit for unauthorized access, but shared accounts through a web application makes this difficult.

0 0
View 1 previous reply
replied on March 20, 2014

I have the links already created to go to a particular folder in Laserfiche, however I do not want to have the user login to get the data.  As for guessing URLS not too worried as they are coming from one of our intranet pages, which are locked down to individual users. 

 

Since some of the information is sensitive, I need to allow different access based on where they are coming from.  I hope this clarifies what I am looking to do.

0 0
replied on March 20, 2014

Brianna's solution is easiest, then; just register the repository multiple times with different credentials.  But even if you have security on your intranet site, that can't keep someone from changing the WebLink URL in their browser.

0 0
replied on March 20, 2014

So Under the Weblink Admin, I can create multiple repository Configurations, each with a different login.  and then the in the URL I just need to change the DBID to correspond to repository configuration?

0 0
replied on March 20, 2014

Right.

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...