Hi Steve, the possibility of empty passwords has been removed with the kernel rollup 1 - and I am sure AX4 also will not allow empty passwords anymore. Also, the "empty" hash in the table userinfo will not be valid anymore... br, Tobias
> -----Ursprüngliche Nachricht----- > Von: Axapta-Knowledge-Village@yahoogroups.com [mailto:Axapta-Knowledge- > [EMAIL PROTECTED] Im Auftrag von Steve Oberholzer > Gesendet: Dienstag, 14. Februar 2006 17:40 > An: Axapta-Knowledge-Village@yahoogroups.com > Betreff: RE: [Axapta-Knowledge-Village] IAxapta<..> return values > > Hey Zappia > > I've developed a ASP.NET web application in C# that works with the ABC. > Maybe we can share some knowledge? > > I've never been keen on Axapta's IDE and tools myself, and take virtually > any opportunity to steer clear from it. > > I've gotten hold of the same articles that you got hold of, but in the end > I used the try-catch block in C# as it was probably the simplest way to do > it. > > What I did find that alarms me to this day, is that you can get in with > only passing the username, and an empty string for the password. > > I'm going to be changing the login to disallow blank passwords and make it > a rule that the default password for a user has to be greater than an > empty string. > > What Axapta seems to be doing in the background, is to take a hash of the > password that is entered and compare it with the hash of the password that > is stored at database level. Oh, and by the way, if you ever forget an > Axapta password, you can just update it in the database (table UserInfo) > to an empty string, and the system will allow you to get in without typing > a password for the user. You won't find this table in the AOT though, so > you'd have to use a tool such as SQL Query Analyser and run the statement: > SELECT * FROM UserInfo > to view this table. > > Below is a sample piece of C# code where I use the TRY-CATCH to trap > invalid passwords. The user is the windows user, not a portal user though, > but so far it is working okay. > > private void cmdLogin_Click(object sender, System.EventArgs e) > { > AxaptaCOMConnector.Axapta2Class oAxapta = new > AxaptaCOMConnector.Axapta2Class(); > > try > { > string sConnect = ConfigurationSettings.AppSettings["connect"]; > // Attempt to logon to Axapta using the Axapta COM Connector. > oAxapta.Logon2(txtUsername.Text, txtPassword.Value, "", "", "", > "", "", false, "", ""); > // Open a connection to the Axapta SQL Database. > OleDbConnection oCon = new OleDbConnection(sConnect); > oCon.Open(); > // Add objects to Session state. If code execution gets here > without error, we're okay to go. > Session["AXDB"] = oCon; > Session["ABC"] = oAxapta; > Session["LoginOK"] = true; > // Navigate to the requisition main page. > Response.Redirect("req_main.htm"); > } > catch (Exception ex) > { > // Display an error message on the screen. > lblError.Text = ex.Message; > } > } > > Please feel free to mail me. I'm very much interested in the way that you > use the ABC. > > I use it to do all my CRUD (Create Read Update Delete), and a couple of > other things. I've found too many snags by doing straight SQL inserts and > updates. One of them being the RECID field that is on every table. There > are ways and means of working around it, but it is better to do inserts > and updates through the ABC as Axapta is then the culprit should something > go wrong... :) > > Good luck... > Steve Oberholzer > > > > > -----Original Message----- > From: Axapta-Knowledge-Village@yahoogroups.com [mailto:Axapta-Knowledge- > [EMAIL PROTECTED] On Behalf Of Zappia Alessandro > Sent: 14 February 2006 06:15 > To: development-axapta@yahoogroups.com; Axapta-Knowledge- > [EMAIL PROTECTED] > Subject: [Axapta-Knowledge-Village] IAxapta<..> return values > > Hi everybody! > I'm experiencing some troubles trying to get the return values for the > IAxapta objects of the Business connector. > > For example, official documentation (AxDvgCOMUs.chm) claims that > > HRESULT Logon2( > [in, optional] VARIANT user, > [in, optional] VARIANT userPassword, > [in, optional] VARIANT company, > [in, optional] VARIANT language, > [in, optional] VARIANT serverManager, > [in, optional] VARIANT objectServer, > [in, optional] VARIANT configuration, > [in, optional] VARIANT isWebUser, > [in, optional] VARIANT reserved2, > [in, optional] VARIANT reserved3 > ); > > is the declaration of the Logon2 method (defined in the IAxapta2 > interface) > > Official help claims also what follows: > > "The return value obtained from the returned HRESULT is one of the > following: > > Return value Meaning > -------------------------------------------------------------------------- > -- > S_OK Success > E_FAIL General failure > E_INVALIDARG One or more of the arguments is > invalid > E_OUTOFMEMORY Out of memory > AXAPTA_E_LOGGED_ON The IAxapta object is already logged > on > AXAPTA_E_NO_SECURITY_KEY The security key for using the Axapta > Business Connector or the Axapta > Internet Connector is disabled > AXAPTA_E_LOGON_SYSTEM_CHANGED An IAxapta object has already logged > on to another Axapta system (see > comments) > ...." (and so on) > > But when I add a reference to the business connector component in my c# > project, I see that all methods that should give back a return value (the > one I shown is just an example) in reality return "void". > Am I wrong?Is there something that I miss or the documentation is not > valid (it would be quite disappointing...)? I can't understand, and if I > use the OLEviewer to inspect ABC classes I should state that for real no > return values are provided... > If this, is there a way to get those return values elsewhere? > > Many many thanks! > > > > > > Sharing the knowledge on Axapta. > Visit www.frappr.com/axapta for axapta friends. > Yahoo! Groups Links > > > > > > > > This is an email from Bytes Technology Group. It is confidential to the > ordinary user of the email address to which it is addressed > and may contain copyright and/or legally privileged information. > No one else may read, print, store, copy, forward or act in > reliance upon all or any part of it or its attachments. If you > received this email in error please notify its sender. > > > Sharing the knowledge on Axapta. > Visit www.frappr.com/axapta for axapta friends. > Yahoo! Groups Links > > > > > > Sharing the knowledge on Axapta. Visit www.frappr.com/axapta for axapta friends. Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/Axapta-Knowledge-Village/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
