Prev   Next

Back to the top of the FAQ

Q. Single user name, multiple passwords with ODBC database?

A. It is normally best to have the username as a unique key. However, if you have multiple users with the same name but different passwords, then you can set a switch in the registry to tell the AuthentiX to add " AND passwordField='passwordEntered' at the end of the select statement (standard or custom select).

To make this happen, using regedt32.exe, add a value in the registry

HKEY_LOCAL_MACHINE
	/Software
	/Flicks Software
	/AuthentiX
	/1.0
	/AuthentiXConfig
of type REG_DWORD with the name addPasswordToSelect.
Make its value 1.

Note: the software caches successfully logged in ODBC usernames and passwords for performance reasons. If a username logs in with one password and another tries to login with that username using a different password (while the first is still in the cache), then the second will not be able to get in, because the ODBC database will not be queried again.
To turn off this caching, go to the options dialog/ ODBC options, and set relevant checkbox. This will disable the cache and query the database for every request. This may have a performance impact.

Then stop IIS Admin Service (IIS4 and above) or World Wide Web Publishing Service (IIS3) from the control panel and restart.

This really isn't recommended because of the performance issue.
It will not work if for example you are using cookie-based login, where the passwords need to be decrypted and/or hash-matched first.

NB: This ability is intended to help ease the transition to a database with single username/password combinations. It works for the most common scenarios, but may not be fully supported for all functionality, for example cookie-based login with ODBC. Additional custom upgrades may be required, if you wish to persist in using multiple passwords with a single username.

Alternatively:

You could use the "By COM" option (with the Extensibility SDK), and specify the Option: "Call On Every Request". This option will bypass the built-in username/password caching, and you can check usernames passwords etc with any scheme you wish.

Back to the top of the FAQ

Prev   Next