|Summary||This article describes how to set up an authentication portal for web respondents.|
|Written for||Fieldwork manager|
|Keywords||portal; password; authentication|
Table of contents:
- Setting up the user database
- Linking the Webprod server to the SQL
- Finding the public directory of the Webprod
- Adding the authentication portal file
- Configuring the authentication portal
- Possible improvements
Setting up a welcome page for web respondents. Once the respondents enter their password (or an ID), they are redirected to a survey. If they have already started the survey, they should resume were they left off.
- An administrator login on the Web server (Webprod)
- An SQL user access with read/write/database creation authorizations on the SQL Server
- Having downloaded the attachment : Tutorial_ASP_Authentication_new.zip
Setting up the user database.
Open your SQL server Management tool (typically Microsoft SQL Server Management Studio) and create a new database. In this database, add your table containing Users (the respondents) and associated passwords. Here, the new DB is called “Public”, and the new Table is called “Authentication”.
Attention : please create a field called “Pass”, this is going to be needed in a later step.
Populate your table with some examples. I’ve added one row in that table. Mailfirstname.lastname@example.org, name=Stephen, Pass=askia123 (this will be used at step 6).
Linking the Webprod server to the SQL.
Now you need to connect to the webprod server and create a link (DSN) to this newly created DB. This is done using Microsoft ODBC Data Source Administrator. Click “Add” to add a new data source.
Here, I’ve named it “Public” to match the name of the DB I’ve created in the SQL Server. Go through the data source wizard. You’ll need to provide the exact IP address and instance name to the SQL server to be able to reach it correctly. (in my case it was ASKIA-JOHN\SQLEXPRESS). Also you need SQL credentials that are allowed to read this SQL database.
Once this is done, the Webprod is able to “see” the SQL server and therefore the list of authorized respondents.
Finding the public directory of the Webprod.
Now, still on the Webprod server (hosting the web surveys) you need to find the root directory of Windows IIS. It’s usually here :
Adding the authentication portal file.
Then, in the wwwroot folder, put the attached file : Authenticate.asp. This file is the actual connection page that the respondents are going to see before entering the survey. Once the file is in the root, it is accessible via www.yourwebprodserveraddress/Authenticate.asp.
Configuring the authentication portal.
Now setting up that “OK” button.
The respondents should enter the ID in the textbox. Once they press “OK” they are redirected to the survey with a “DoExternalPanel” link.
Documentation here :
To do that, open the “Authenticate.asp with a text editor.
You only need to change the 5 parameters in the chapter called “Please change the parameters” to have a working authentication portal.
- G_strThisPageName needs to be set to the exact name of the .asp file. In my case, it’s “Authenticate.asp”
- G_strInternalName is the exact name of the survey you want to redirect to. In my case, it’s Test1 (it’s matching the task name on the Supervisor).
- G_strBroker is the parameter that is going to be used in the “DoExternalPanel” link. I’ve called my Broker “test”
- G_strDSNName is the name of the DSN you have created at step 2). Mine was called “Public”. Then enter the SQL user id (UID) and password that are allowed to view the Database.
- G_strTable is the name of the table in the SQL containing the list of respondents users/passwords. Mine was called “Authentication”.
Now we are ready to test our authentication portal.
I’m typing in the password of user “Stephen” that I created earlier (step 1) : “askia123”.
I’m then redirected to the survey called “Test1” with a DoExternalPanel link containing the parameters Broker=test and BrokerPanelID=askia123 (see in the URL).
The link has been generated by comparing what was in the textbox to the list of “Pass” in the SQL table (via a SQL Query). If no match is found, an error “unknown ID” will be prompted.
You are welcome to change this SQL Query to fit your needs by adding more fields to the database, and verifying user + password at the same time for example.
You can also tweak the aspect of the .asp page by changing the html/css chapters in the .asp file