access security

jaxon
User
Posts: 20
Joined: 21-Sep-2005
# Posted on: 08-Oct-2005 21:10:42   

Hello everyone.

I am trying to write a secure login page using LLBLGen. I was wondering about some of the ways you LLBLGen developers do this. Normally I would use a sproc with encrypted passwords and return an id if it was found or not. Is this a good way to do this? I'm sure I can do this with LLBLGen by passing the credentials with the predicate factory, but is this the best way to do it? Thanks for all the help, you guys are great!

ps... Germany and Netherlands in 12 more days!!!! YEA!

sparmar2000
Posts: 341
Joined: 30-Nov-2003
# Posted on: 09-Oct-2005 17:52:57   

Hi, I am assuming that:

  1. You store your user id and password (encrypted) in the Database
  2. You are using a ‘generic’ user id and password in your connection string.
  3. Using this generic user id, you go to the sproc passing it the user id and password you want ‘validated’.
  4. The sproc returns a user id. You use this to establish access.

I do something similar but with a slight variation at step 3. Prior to step 3, I encrypt the clear password from user input. This encrypted password is then passed in at step 3 instead.

Please note that the encryption MUST be the same as that used prior to it being saved in the DB.

Hope this helps.
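
The requirement in the reply above, that the transformation applied at login match the one applied before the password was saved, as an added example that is not code from either poster or from LLBLGen. It assumes a salted one-way hash (PBKDF2) in place of reversible encryption, .NET 6 or later, and a hypothetical in-memory dictionary standing in for the user table; all type and method names are illustrative.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;

// Hypothetical record: what the user table would hold for each account.
record StoredCredential(int UserId, byte[] Salt, int Iterations, byte[] Hash);

static class LoginDemo
{
    // In-memory stand-in for the user table (assumption; a real application
    // would fetch the row by user name through its data-access layer).
    static readonly Dictionary<string, StoredCredential> Users =
        new(StringComparer.OrdinalIgnoreCase);
    static int _nextId = 1;

    // The single transformation used both when saving and when validating.
    static byte[] Derive(string password, byte[] salt, int iterations) =>
        Rfc2898DeriveBytes.Pbkdf2(password, salt, iterations, HashAlgorithmName.SHA256, 32);

    // The iteration count is an example value; it is stored with the record
    // so that validation always repeats exactly what registration did.
    public static int Register(string userName, string password, int iterations = 600_000)
    {
        byte[] salt = RandomNumberGenerator.GetBytes(16); // fresh random salt per user
        var cred = new StoredCredential(_nextId++, salt, iterations,
                                        Derive(password, salt, iterations));
        Users[userName] = cred;
        return cred.UserId;
    }

    // Returns the user id on success and null on failure; an unknown user and
    // a wrong password produce the same return value.
    public static int? Validate(string userName, string password)
    {
        if (!Users.TryGetValue(userName, out var cred))
            return null;
        // Re-derive with the salt and iteration count saved at registration.
        byte[] candidate = Derive(password, cred.Salt, cred.Iterations);
        // Constant-time comparison of the derived value with the stored one.
        return CryptographicOperations.FixedTimeEquals(candidate, cred.Hash)
            ? (int?)cred.UserId : null;
    }

    static void Main()
    {
        // Constructed sample values.
        int id = Register("jdoe", "correct horse battery staple");
        Console.WriteLine(Validate("jdoe", "correct horse battery staple") == id);
        Console.WriteLine(Validate("jdoe", "wrong password") is null);
        Console.WriteLine(Validate("nobody", "anything") is null);
    }
}
```

Because the salt differs per user, the stored row is looked up by user name first and the comparison happens in application code, rather than passing the transformed password to the database as a match predicate.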