to access any restricted access area, the user must pass a "User Login" identification control.

For identification and authentication of the incoming user, check that the username and password given during the "User Login" process coincide with those of some data record in the "authentication" section of GenBnet.


how to create an identification or Login process is described below.

before approaching the construction of the login page, you must have an appropriate user data template and some user data record to which the system can compare them during the identification process.


0.0.- from the GenBnet contents management site access the section "managing authentication templates" (manage templates/types of authentication records).

1.0.- insert a data template to handle the user information in the restricted area (for further details see definition of data templates).

NOTE: in the definition of authentication data templates it is unnecessary to fill in the url_list or url_det fields. No detail view or list of user records handled is used.

1.1.- incorporate two short text type (advisable) fields in the data template for the user name and password. (you can use whatever field name you want).

NOTE: when the Login form is created, labels (name) for these fields are used to designate user name and password input fields.

1.2.- if you want to use different levels of access or privileges, incorporate a closed-list field in the data template (advisable), filling in all the levels of access that the restricted area will control.

Some examples of access levels:
-. "registered_user"; "customer"; "supplier".
-. "student"; "professor".
-. "no fee"; " payment A"; " payment B".
-. "reader"; "editor"; "supervisor"

NOTE: the access levels can be "atomic" (a "supervisor" needs not be the "editor") or "inclusive" (a user with "payment A" access may have "no fee" user privileges) using in each case closed lists of the "checkbox" or "radio-button" type respectively.

the access level can be used to impose a minimum restriction on the page (e.g., restrict the page to registered users") and to show or hide information once access has been granted to the restricted page (e.g., on the page restricted to "registered" users, show more information on fees if the user, in addition to being "registered" is also a "supplier").

1.3.- incorporate as many additional data fields in the data template as information associated with the user is to be managed.

NOTE: the authentication module enables the user in session to be shown the values of all the template fields used for, except username and password, on every page that uses authentication.

NOTE: the authentication data template could contain any kind of field, even document or picture fields.

example of a data template:

1.4.- go to the data management site "Managing authentication registries" and incorporate as many data records as users authorized to access the restricted area.

steps in creating the "User log in" access control page are described below.

NOTE: It is not necessary for the login page to be devoted exclusively to access control. The login form can be located on any PHP GenB page with or without management of other types of content..

0.0.- in Dreamweaver®, open a PHP_GenB dynamic page.
1.0.- go to the Dreamweaver® "Forms" objects palette.
1.1.- click on item: "Form" to incorporate the space reserved to the "login" form.
1.2.- insert the two data input fields necessary for identification: username and password (input fields should be text-type for which the Dreamweaver® "forms" object palette can be used).
1.3.- correctly identify the "username" and "password" fields indicating in the attribute name="..." the same name with the data template fields were designated.

NOTE: it is advisable to use a field where the thext is hidden for the password field. To do this mark the attribute "password" in the Dreamweaver® "inspector" panel.

2.0.- from the "Server Behaviors" panel select "Authentication: Login User":

2.1.- enter the parameters requested by "Authentication: Login User":

2.2.- uid: is the unique identifier code provided by inte after initialization.
2.3.-Language (language in data): the language in which the data associated with the user will be loaded. It must be one of the languages used for the contents (useful when not all the user data are monolingual).
2.4.-Get input From Form (take the input data from the form): identifier of the form used for the Login process.
2.5.-Username Field: Field used for entering "username".
2.6.-Password Field: Field used to enter the "password".
2.7.-If Login Succeeds, Go To (if authentication is correct go to): URL of the destination page when user authentication is correct.
2.8.-Go To Previous URL if there is one: option to allow the user to return to the page from which he came after going through the identification process.

NOTE: this situation arises when an unidentified user goes directly to a restricted content page.. The system upon detecting an unidentified user, transfers the user to the login page. If the user performs the Login process satisfactorily and the option "Go To Previous..." is marked, he is sent to the restricted page he came from. If the option is unmarked, he is resent to:

2.9.-If Login Fails, Go To: URL of the destination page for when user authentication is incorrect.

2.10.-Restrict Access Based On: Type of access control:

-. Username and Password: the page validation and restriction system is based on exclusive control of username and password.

-. Username, Password, and Access Level: the page validation and restriction system is based on username control, password and level of access or privileges.

2.11.-Level Label field (Access Level Field Label): Name of label with which the field containing the access level or privileges is designated in the data template.


when the User Login form is completed, the next step consists of constructing the restricted access pages and the "logout" process (end of session).