Hi Rick,
Referring to our last consult, I've deployed a build to my staging site and am attempting to get the auth working properly. While it seems to work on my dev system, albeit it doesn't seem to recognize when I log off, I'm getting a 401 when I try the same thing on my stage server. I checked the session value in the cookie and it is the same for both the logged in application tab and the help index page. Thoughts on how to troubleshoot this?
Make sure you create the script map in web.config
for the .htm
extension.
+++ Rick ---
A fine guess, there. 😃
So I added the mapping and now it's just letting me right into the help without being logged in to the app.
Are you sure you're not actually logged in? Also make sure you're not getting a cached page - do a hard refresh. Behavior should match what you're seeing on your dev setup assuming you synced the app properly to the server.
+++ Rick ---
OK. I figured the difference between the two environments (my dev and stage). I needed to add IUSR to the permissions for the root help folder. Now the only thing that's not quite right is that when I sign out of the application in the main tab, the session in the help tab doesn't know that it's logged out. While it won't serve up any other pages, it still leaves the last help page visited visible until I manually refresh the browser. I'm thinking there must be some way to have it recognize that its session has expired on the first click to a different topic.
Thanks again for your help in getting this hooked up.
So I'm thinking that maybe I can add an authenticate check to HandleStaticHtmlFIles
?
That should not be needed since you have a global authentication check in OnProcessInit()
.
The check for authentication happens in OnProcessInit()
and you should check that. Set a break point and step through the code that checks for authentication and make sure that the HTML pages end up going through it.
+++ Rick ---
Will do. One pattern I'm noticing even before a debug session is that if I go to the top node in the help, which links to index.htm, it does recognize teh session is logged out. But all the rest, which point to obscure HB-generated file names starting with an underscore, do not.
Might be caching. If the page is cached it won't hit authentication... So if you had the page open previously, it might remember the file and cache it.
Again use the debugger and see what hits your process class and what doesn't.
+++ Rick ---