Xbasic

Context.Security Object

Description

Context.Security object properties and methods

Discussion

The Context.Security object is an object on the Application Server that contains properties and methods for working with the users and roles (groups) in a web application using security. This includes logging a user in, logging a user out, adding and deleting users from the security framework, managing roles, resetting and generating passwords, validating user credentials, etc.

The term "Role" and "Group" are synonymous in this API. The UI in Alpha Anywhere Developer Edition generally uses the term "Group" while the security property and methods use the term "Roles".

The Context.Security object has a CallResult property. Use this property to see if a method call or property get succeeds before using a method's returned value or property's value. See the following examples.
dim errorMsg as C = "" 
dim created as L = .F. 

' Create new user
created = Context.Security.CreateUser("[email protected]", "secret") 

if Context.Security.CallResult.Success then 
    if .not. created then
        error_generate("User was not created.") 
    end if 
else
    error_generate(Context.Security.CallResult.Text) 
end if 

' Get current user:
dim userName as C = Context.Security.CurrentUser 

if .not. Context.Security.CallResult.Success then 
    ' Something went wrong retrieving current user
    error_generate(Context.Security.CallResult.Text) 
end if 

if alltrim(userName) = "" then
    ' No user is logged in
    ' Display  "no user is logged in." 
else 
    ' Display user name 
end if

Properties

CallResultCallResult

Context.Security.CallResult is used to check the success or failure of a method call or property get in the Security object. See the note in the Security class description above for more details and examples. Read Only.

CurrentUserCharacter

Context.Security.CurrentUser returns the name of the current user if one is logged in. Otherwise a zero length character value is returned. Check Context.Security.CallResult.Success before using the value that is returned. Read Only.

DefaultRolesCharacter

Context.Security.DefaultRoles returns a crlf delimited list of the default roles to which a new user will be assigned. This value is set in the security settings on the Customize Options tab. Check Context.Security.CallResult.Success before using the value that is returned. Read Only.

IsActiveLogical

Context.Security.IsActive returns .T. if the web application is running with security and returns .F. if the web application is not running with security. Check Context.Security.CallResult.Success before using the value that is returned. Read Only.

LoginPageCharacter

Context.Security.LoginPage returns the page used for logging into an application with security enabled. Check Context.Security.CallResult.Success before using the value that is returned. Read Only.

The following code is an example of how to get an application relative path for the page:

dim relativeUrl as c = Context.Request.ApplicationRootUrl + Context.Security.LoginPage
PasswordChangeOnFirstUseLogical

Context.Security.PasswordChangeOnFirstUse returns .T. if users are required to change password on first use. Check Context.Security.CallResult.Success before using the value that is returned. Read Only.

PasswordExpirationTimeNumeric

Context.Security.PasswordExpirationTime returns the number of minutes user's password expires after it was last changed. A value of 0 means passwords don't expire. The default is set to 1 year (525,600 minutes) in the security configuration in the Developer Edition. Check Context.Security.CallResult.Success before using the value that is returned. Read Only.

PasswordExpiresLogical

Context.Security.PasswordExpires returns .T. if passwords for users can expire. Check Context.Security.CallResult.Success before using the value that is returned. Read Only.

PasswordResetAllowedLogical

Context.Security.PasswordResetAllowed returns .T. if users are allowed to reset their password. Check Context.Security.CallResult.Success before using the value that is returned. Read Only

PasswordRetrievalAllowed Logical

Context.Security.PasswordRetrievalAllowed returns .T. if users are allowed to retrieve their password. Check Context.Security.CallResult.Success before using the value that is returned. Read Only.

RedirectAfterLoginPageCharacter

Context.Security.RedirectAfterLoginPage returns the page used after successfully logging into an application with security enabled. Check Context.Security.CallResult.Success before using the value that is returned. Read Only.

The following code is an example of how to get an application relative path for the page:

dim relativeUrl as c = Context.Request.ApplicationRootUrl + Context.Security.RedirectAfterLoginPage
RedirectNoPermissionPageCharacter

Context.Security.RedirectNoPermissionPage returns the page to be used when a user is not authorized to view a page. Check Context.Security.CallResult.Success before using the value that is returned. Read Only.

The following code is an example of how to get an application relative path for the page:

dim relativeUrl as c = Context.Request.ApplicationRootUrl + Context.Security.RedirectNoPermissionPage
RequiresQuestionAndAnswerLogical

Context.Security.RequiresQuestionAndAnswer returns .T. if users are required to supply an answer to a security question in order to reset or retrieve their password. Check Context.Security.CallResult.Success before using the value that is returned. Read Only.

RolesAreEnabledLogical

Context.Security.RolesAreEnabled returns a .T. if roles are enabled for the security settings of the application. .F. is returned otherwise. Check Context.Security.CallResult.Success before using the value that is returned. Read Only.

UserCountNumeric

Context.Security.UserCount returns the total number of users for the current security application. Check Context.Security.CallResult.Success before using the value that is returned. Read Only.

SecurityQuestionListCharacter

Context.Security.SecurityQuestionList returns a crlf delimited string of security questions defined by the security system. Use this list when a user is created or updated and a security question needs to be selected. Check Context.Security.CallResult.Success before using the value that is returned.

Methods

AddUserToRole Method

Adds a user to the supplied role.

AddUserToRoles Method

Adds a user to the supplied roles

AdministrativeCreateUser Method

Adds a new user with a password.

AdministrativeResetPassword Method

Reset the user's password to a generated password.

ChangeEmail Method

Changes the email address for the user.

ChangePassword Method

Changes the password for the user.

ChangePasswordQuestionAndAnswer Method

Changes the security question and security answer for the user.

CreateRole Method

Adds a role.

CreateUser Method

Adds a new user with a password.

DeleteRole Method

Removes a role.

DeleteUser Method

Delete the specified user

GeneratePassword Method

Generate a password based on the rules defined in the security settings

GetEmail Method

Gets the email address of the specified user.

GetLastPasswordChangedDate Method

Gets the date/time for when a user's password was last set.

GetPasswordQuestion Method

Gets the password question of the specified user

GetRoles Method

Gets a list of all the roles defined in the application's security settings

GetRoleUsers Method

Gets a list of the users which are members of a role.

GetUser Method

Gets the user name for a given ProviderKey.

GetUserProviderKey Method

Gets the provider defined key for a user.

GetUserRoles Method

Gets a list of the roles to which the user belongs.

GetUsers Method

Gets a list of all the users.

GetUsersPaged Method

Gets a partial list of users one page at a time.

IsCurrentUserInRole Method

Checks to see if the current user is in a role.

IsCurrentUserInRoles Method

Checks to see if the current user is in at least one of supplied roles.

IsUserInRole Method

Checks to see if the user is in a role.

IsUserInRoles Method

Checks to see if the user is in at least one of supplied roles.

LockOutUser Method

Locks out the specified user.

Login Method

Logs in a user to a specific page and sets the authentication cookie's lifetime.

Logout Method

Logs out the current user.

PasswordHasExpired Method

Gets whether or not the password of the specified user has expired.

RemoveUserFromRole Method

Removes a user from a role.

RemoveUserFromRoles Method

Removes a user from one or more roles.

ResetPassword Method

Reset the user's password to a generated password.

RoleExists Method

Checks if a role exists.

SetExpirePasswordImmediate Method

Sets or clears a user's password as expired or not.

TestPassword Method

Checks the validity of a password against the validation configuration in security settings.

TestUsername Method

Checks the validity of a user name against the validation configuration in the security settings.

UnlockUser Method

Allows a user to login to the application.

UserExists Method

Checks if the user exists.

UserIsLockedOut Method

Checks if the user is locked out from logging into the application.

ValidateUser Method

Validates the supplied credentials.