Restrict Access sometimes works

Similar Messages

• Access control - Restricted access not working

  Hi
  I have an application I have created an Access Control administration page in. I have set the application mode to 'Restricted access. Only users defined in the access control list are allowed'. I have defined two users one with administrator and one with edit privileges. I have a third workspace user who is not listed on the access control page.
  I have added the authorisation scheme to the tabs, pages and page items I require. This appears to work fine if I change the privilege of one of the listed users to 'view' the items disappear and cannot be accessed.
  The issue I have is that the workspace user who is not listed can still log into the application, and has the same access as 'view' privilege. My understanding is that the 'Restricted Access' application mode should prevent this user from accessing this application as they are not explicitly listed?
  Have I missed some set-up, misunderstood the meaning of 'restricted access' or is it some sort of bug? I am assuming I have missed some set-up somewhere.
  PS This is APEX 4.0.2 on 11g
  Edited by: tlane on 15/02/2011 19:43

  I have set the application up on apex.Oracle.com
  http://apex.oracle.com/pls/apex/f?p=48123:101:506666493527664
  four users have been defined :
  control_admin
  control_edit
  control_view
  control_na
  The first 3 are defined on the access control page available on the user_admin tab when you login as control_admin user.
  user control_na is not listed but can still access the application.
  password for all users is : demo1234
  Thanks in advance for all help with this issue.

• Restrict Access Not working

  I have 3 folders - Admin, Private, Public
  I have 3 values for Permissions 1=Admin, 2=Private, 3=Public
  I have an automatic redirect when a user logins in
  ie. a privater user logins in and is redirected to /private/index.php
  Which works great, now i placed a restrict access folder behavior to the private folder and only selected 2 for the permission (private access). Now when the private user logins in and is redirected to /private/index.php it says access denied please login.
  Why is it not allowing that person to get to that page. Ive checked the /private/index.php page and it says:
  //Start Restrict Access To Page
  $restrict = new tNG_RestrictAccess($conn_portersonline, "../../");
  //Grand Levels: Level
  $restrict->addLevel("1");
  $restrict->addLevel("2");
  $restrict->Execute();
  Anybody have any ideas???

  Here is my session setting in Php
  Session Support enabled
  Registered save handlers files user
  Directive Local Value Master Value
  session.auto_start Off Off
  session.bug_compat_42 On On
  session.bug_compat_warn On On
  session.cache_expire 180 180
  session.cache_limiter nocache nocache
  session.cookie_domain no value no value
  session.cookie_lifetime 0 0
  session.cookie_path / /
  session.cookie_secure Off Off
  session.entropy_file no value no value
  session.entropy_length 0 0
  session.gc_divisor 100 100
  session.gc_maxlifetime 1440 1440
  session.gc_probability 1 1
  session.name PHPSESSID PHPSESSID
  session.referer_check no value no value
  session.save_handler files files
  session.save_path .\ .\
  session.serialize_handler php php
  session.use_cookies On On
  session.use_only_cookies Off Off
  session.use_trans_sid Off Off

• Page Restricted Access not working

  Hey everyone. I just added a page to my website and it needs to have restricted access. I want it to be accessable to administrators only, so here's what I've done.
  For the log-in page, my box is as follows:
  This is my restrict access box:
  And here's the data from the MySQL database:
  Not sure what I need to do, for every time I try to log in with my information (correct values checked), I get redirected to my error page.
  Thanks in advance if you can help!

  I have set the application up on apex.Oracle.com
  http://apex.oracle.com/pls/apex/f?p=48123:101:506666493527664
  four users have been defined :
  control_admin
  control_edit
  control_view
  control_na
  The first 3 are defined on the access control page available on the user_admin tab when you login as control_admin user.
  user control_na is not listed but can still access the application.
  password for all users is : demo1234
  Thanks in advance for all help with this issue.

• "access restrictions" did not work sometimes when using 3-tier DeskI.

  My customer found that "access restrictions" did not work sometimes when using 3-tier DeskI.
  But this issue can be solved by logging on from another machine, or restarting the DeskI.
  For I can reproduce this issue, so I just want to know that:
  1.What is it probably related to?
  2.If this issue happens again, what can I suggest my customer for tracking it?
    For example, get some log files from servers etc.
  Thanks!

  Hi Sarah,
  Also you can try the following solution.
  1. Import the universe.
  2. Go to manage access restrictions
  3. Remove the restriction .
  4. Again create the rescrition and unchecked the " limit size of result set to"
  5. Now assign it to the unlimited results group ( this is the name of
  the group we have given to those users who should be able to retrieve
  more than X rows)
  6. Now we save the universe. (Dont export the universe).
  I hope this will help you.
  Regards,
  Sarbhjeet Kaur

• WRT54GS Internet Access Restriction Doesn't Work

  I have a WRT54GS wirless router and I can't get the internet access restriction capability to work. I'm trying to limit the time my kid's spend on their laptops, but the settings don't seem to take hold.
  I have upgraded to the latest firmware (V4.71.1) for my router. (AT least I think it's the latest). I am using the Wireless MAC Filter for security, so only my family's PC's can access my wireless router (and I'm not broadcasting my SSID to the world). In the Internet Access Restriction screen, I have my kid's PC's MAC addresses in the PC list... same ones that I'm using to allow them to access the router, so I know they're correct. Then I have set the settings to 'Deny' internet access during specific time periods: 12:00 am - 1: 00 pm, 3:00 pm - 8:00 pm, and 10:00 pm - 11:55 pm. I have 'Enabled' and 'Save Settings', so they should be live. After all this, my kids can still access the internet... this just doesn't seem to work.
  Any ideas? Shouldn't this work even without the latest firmware?

  Open the setup page of the router,Set the Radio Band to Standard-20MHz and change the Standard channel to 11-2.462GHz..Under Advanced Wireless Settings..Change the Beacon Interval to 50,Change the Fragmentation Threshold to 2304,Change the RTS Threshold to 2304 and Click on Save Settings...Also reduce the MTU size to 1350.
  For Access Restriction,try this link.

• Restrict Access To Page Not Working with Different Auth Levels

  I have just started playing with the idea of using different auth levels to allow different users access to certain pages on my site.
  Within my SQL database I have a authlevel table consisting of 3 possible levels (guest, user, admin)
  I am using the Dreamweaver "Log in user" to log in users based on username, pass, and auth level and "Restrict access to page" set to allow user levels 'user' and 'admin'.
  The problem, however, occurs when trying to log in.  No matter what auth level I try I am redirected to my page where users should be redirected if they are not allowed to enter that page.
  I have included below my code from my login page and the page where all authorized users (user and admin) should be directed upon entering the restricted area.
  Login Page:
  <?php require_once('../Connections/hondovfd.php'); ?>
  <?php
  if (!function_exists("GetSQLValueString")) {
  function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
    if (PHP_VERSION < 6) {
      $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
    $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
    switch ($theType) {
      case "text":
        $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
        break;   
      case "long":
      case "int":
        $theValue = ($theValue != "") ? intval($theValue) : "NULL";
        break;
      case "double":
        $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
        break;
      case "date":
        $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
        break;
      case "defined":
        $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
        break;
    return $theValue;
  ?>
  <?php
  // *** Validate request to login to this site.
  if (!isset($_SESSION)) {
    session_start();
  $loginFormAction = $_SERVER['PHP_SELF'];
  if (isset($_GET['accesscheck'])) {
    $_SESSION['PrevUrl'] = $_GET['accesscheck'];
  if (isset($_POST['username'])) {
    $loginUsername=$_POST['username'];
    $password=$_POST['password'];
    $MM_fldUserAuthorization = "authlevel";
    $MM_redirectLoginSuccess = "/membersonly/membersonly.php";
    $MM_redirectLoginFailed = "/membersonly/loginfailed.php";
    $MM_redirecttoReferrer = false;
    mysql_select_db($database_hondovfd, $hondovfd);
    $LoginRS__query=sprintf("SELECT username, password, authlevel FROM login WHERE username=%s AND password=%s",
    GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text"));
    $LoginRS = mysql_query($LoginRS__query, $hondovfd) or die(mysql_error());
    $loginFoundUser = mysql_num_rows($LoginRS);
    if ($loginFoundUser) {
      $loginStrGroup  = mysql_result($LoginRS,0,'authlevel');
      //declare two session variables and assign them
      $_SESSION['MM_Username'] = $loginUsername;
      $_SESSION['MM_UserGroup'] = $loginStrGroup;          
      if (isset($_SESSION['PrevUrl']) && false) {
        $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];    
      header("Location: " . $MM_redirectLoginSuccess );
    else {
      header("Location: ". $MM_redirectLoginFailed );
  ?>
  <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  <html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/phptemplate.dwt" codeOutsideHTMLIsLocked="false" -->
  <head>
  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
  <!-- InstanceBeginEditable name="Title" -->
  <title>Log In</title>
  <!-- InstanceEndEditable -->
  <meta name="description" content="Hondo Fire and Rescue serves the Arroyo Hondo and Canada Village areas of Santa Fe County, NM." />
  <meta name="keywords" content="hondo, hondo fire, hondo vfd, hondo fire department, santa fe county fire department, santa fe county, volunteer fire department, hondo volunteer fire department" />
  <link href="../stylesheet.css" type="text/css" rel="stylesheet" />
  <!--[if IE]>
  <style type="text/css">
  #mainContent, #sidebar1 { zoom: 1;}
  </style>
  <![endif]-->
  <script src="../SpryAssets/SpryMenuBar.js" type="text/javascript"></script>
  <link href="../SpryAssets/SpryMenuBarVertical.css" rel="stylesheet" type="text/css" />
  </head>
  <body class="thrColLiqHdr">
  <div id="container">
  <div id="header"></div>
    <div id="sidebar1">
    <h3>Navigation : </h3>
    <ul id="MenuBar1" class="MenuBarVertical">
    <li><a href="/index.php">Home</a></li>
  <li><a href="/support.php">Support Hondo</a></li>
    <li><a class="MenuBarItemSubmenu" href="#">Information Menu</a>
      <ul>
        <li><a href="/people.php">Our People</a></li>
        <li><a href="http://www.google.com/maps/ms?ie=UTF8&hl=en&msa=0&msid=101620713606637979698.00045b6ead4ab4ea70b78&z=11" target="_blank">Response Area</a></li>
        <li><a href="/medical.php">Medical</a></li>
        <li><a href="/apparatus.php">Apparatus</a></li>
        <li><a href="/training.php">Training</a></li>
        <li><a href="/volunteer.php">Volunteer</a></li>
        <li><a href="/statistics.php">Statistics</a></li>
        <li><a href="/patchtrading.php">Patch Trading</a></li>
      </ul>
    </li>
    <li><a href="/album.php">Photo Gallery</a></li>
    <li><a href="/calendar.php">Calendar</a></li>
    <li><a href="/news.php">Blog/News</a></li>
    <li><a href="/links.php">Links</a></li>
    <li><a href="/contact.php">Contact Us</a></li>
  </ul>
  <br />
  <form action="https://www.paypal.com/cgi-bin/webscr" method="post">
    <span class="lefttext">
  <input type="hidden" name="cmd" value="_s-xclick">
  <input type="hidden" name="hosted_button_id" value="8567201">
  <input type="image" src="https://www.paypal.com/en_US/i/btn/btn_donate_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!" />
  <img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
  </img></input></input>
    </span>
  </form>
  <span class="lefttext"><br />
  </span>
  <center>
    <span class="lefttext"><a href="http://www.facebook.com/pages/Santa-Fe-NM/Hondo-Volunteer-Fire-Department/74284233488" target="_blank" class="lefttext">Hondo VFD on Facebook</a></span>
  </center>
    <!-- end #sidebar1 --></div>
    <div id="sidebar2"> 
      <p><a href="/membersonly/login.php">Log In</a> | <a href="/membersonly/logout.php">Log Out</a></p>
      <p>Call Statistics for <?php
  $myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/month.txt";
  $fh = fopen($myFile, 'r');
  $theData = fread($fh, filesize($myFile));
  fclose($fh);
  echo $theData;
  ?> as of <?php
  $myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/date.txt";
  $fh = fopen($myFile, 'r');
  $theData = fread($fh, filesize($myFile));
  fclose($fh);
  echo $theData;
  ?></p>
    <table width="90%" border="0" cellspacing="0" cellpadding="0">
    <tr>
      <td width="60%">EMS Calls</td>
      <td width="40%"><?php
  $myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/emscalls.txt";
  $fh = fopen($myFile, 'r');
  $theData = fread($fh, filesize($myFile));
  fclose($fh);
  echo $theData;
  ?></td>
    </tr>
    <tr>
      <td>Fire Calls</td>
      <td><?php
  $myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/firecalls.txt";
  $fh = fopen($myFile, 'r');
  $theData = fread($fh, filesize($myFile));
  fclose($fh);
  echo $theData;
  ?></td>
    </tr>
  </table>
    <hr />
      <div id="cse" style="width:100%;">Loading</div>
  <script src="http://www.google.com/jsapi" type="text/javascript"></script>
  <script type="text/javascript">
    google.load('search', '1');
    google.setOnLoadCallback(function(){
      new google.search.CustomSearchControl().draw('cse');
    }, true);
  </script>
       <!-- End Google Search Element -->
    </div>
    <!-- end #sidebar2 -->
    <div id="mainContent">
    <div class="top"></div><div class="wrap"><!-- InstanceBeginEditable name="Main Content" -->
  <table width="100%" border="0" cellspacing="0" cellpadding="0">
    <tr>
      <td height="47" class="h2">Members Only Login</td>
    </tr>
    <tr>
      <td><form ACTION="<?php echo $loginFormAction; ?>" id="login" name="login" method="POST">
      <table width="40%" border="0" cellspacing="0" cellpadding="0">
    <tr>
      <td width="31%">Username:</td>
      <td width="69%"><input name="username" type="text" /></td>
    </tr>
    <tr>
      <td>Password</td>
      <td><input name="password" type="password" /></td>
    </tr>
  </table>
  <input name="Submit" type="submit" />
      </form></td>
    </tr>
  </table>
    <!-- InstanceEndEditable -->
  </div>
  <div class="bottom"></div>
  </div>
       <!-- This clearing element should immediately follow the #mainContent div in order to force the #container div to contain all child floats --> <br class="clearfloat" />
    <div id="footer">
      <p align="center">&copy; Copyright 2009 Hondo Volunteer Fire Department | <a href="mailto:[email protected]">Contact Us</a><a href="http://www.legalhelpers.com/chapter-13-bankruptcy/chapter13.html"></a><br />Hosting provided by <a href="http://studiox.com/" target="_blank">Studio X</a></p>
    <!-- end #footer --></div>
  <!-- end #container --></div>
  <script type="text/javascript">
  <!--
  var MenuBar1 = new Spry.Widget.MenuBar("MenuBar1", {imgRight:"../SpryAssets/SpryMenuBarRightHover.gif"});
  //-->
  </script>
  <?php include_once("/var/home/hondovfd/hondovfd.org/www/analyticstracking.php"); ?>
  </body>
  <!-- InstanceEnd --></html>
  Other Page:
  <?php
  if (!isset($_SESSION)) {
    session_start();
  $MM_authorizedUsers = "user,admin";
  $MM_donotCheckaccess = "false";
  // *** Restrict Access To Page: Grant or deny access to this page
  function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
    // For security, start by assuming the visitor is NOT authorized.
    $isValid = False;
    // When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
    // Therefore, we know that a user is NOT logged in if that Session variable is blank.
    if (!empty($UserName)) {
      // Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
      // Parse the strings into arrays.
      $arrUsers = Explode(",", $strUsers);
      $arrGroups = Explode(",", $strGroups);
      if (in_array($UserName, $arrUsers)) {
        $isValid = true;
      // Or, you may restrict access to only certain users based on their username.
      if (in_array($UserGroup, $arrGroups)) {
        $isValid = true;
      if (($strUsers == "") && false) {
        $isValid = true;
    return $isValid;
  $MM_restrictGoTo = "/membersonly/loginfailed.php";
  if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {  
    $MM_qsChar = "?";
    $MM_referrer = $_SERVER['PHP_SELF'];
    if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
    if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0)
    $MM_referrer .= "?" . $QUERY_STRING;
    $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
    header("Location: ". $MM_restrictGoTo);
    exit;
  ?>
  <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  <html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/phptemplate.dwt" codeOutsideHTMLIsLocked="false" -->
  <head>
  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
  <!-- InstanceBeginEditable name="Title" -->
  <title>Members Only Area</title>
  <!-- InstanceEndEditable -->
  <meta name="description" content="Hondo Fire and Rescue serves the Arroyo Hondo and Canada Village areas of Santa Fe County, NM." />
  <meta name="keywords" content="hondo, hondo fire, hondo vfd, hondo fire department, santa fe county fire department, santa fe county, volunteer fire department, hondo volunteer fire department" />
  <link href="../stylesheet.css" type="text/css" rel="stylesheet" />
  <!--[if IE]>
  <style type="text/css">
  #mainContent, #sidebar1 { zoom: 1;}
  </style>
  <![endif]-->
  <script src="../SpryAssets/SpryMenuBar.js" type="text/javascript"></script>
  <link href="../SpryAssets/SpryMenuBarVertical.css" rel="stylesheet" type="text/css" />
  </head>
  <body class="thrColLiqHdr">
  <div id="container">
  <div id="header"></div>
    <div id="sidebar1">
    <h3>Navigation : </h3>
    <ul id="MenuBar1" class="MenuBarVertical">
    <li><a href="/index.php">Home</a></li>
  <li><a href="/support.php">Support Hondo</a></li>
    <li><a class="MenuBarItemSubmenu" href="#">Information Menu</a>
      <ul>
        <li><a href="/people.php">Our People</a></li>
        <li><a href="http://www.google.com/maps/ms?ie=UTF8&hl=en&msa=0&msid=101620713606637979698.00045b6ead4ab4ea70b78&z=11" target="_blank">Response Area</a></li>
        <li><a href="/medical.php">Medical</a></li>
        <li><a href="/apparatus.php">Apparatus</a></li>
        <li><a href="/training.php">Training</a></li>
        <li><a href="/volunteer.php">Volunteer</a></li>
        <li><a href="/statistics.php">Statistics</a></li>
        <li><a href="/patchtrading.php">Patch Trading</a></li>
      </ul>
    </li>
    <li><a href="/album.php">Photo Gallery</a></li>
    <li><a href="/calendar.php">Calendar</a></li>
    <li><a href="/news.php">Blog/News</a></li>
    <li><a href="/links.php">Links</a></li>
    <li><a href="/contact.php">Contact Us</a></li>
  </ul>
  <br />
  <form action="https://www.paypal.com/cgi-bin/webscr" method="post">
    <span class="lefttext">
  <input type="hidden" name="cmd" value="_s-xclick">
  <input type="hidden" name="hosted_button_id" value="8567201">
  <input type="image" src="https://www.paypal.com/en_US/i/btn/btn_donate_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!" />
  <img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
  </img></input></input>
    </span>
  </form>
  <span class="lefttext"><br />
  </span>
  <center>
    <span class="lefttext"><a href="http://www.facebook.com/pages/Santa-Fe-NM/Hondo-Volunteer-Fire-Department/74284233488" target="_blank" class="lefttext">Hondo VFD on Facebook</a></span>
  </center>
    <!-- end #sidebar1 --></div>
    <div id="sidebar2"> 
      <p><a href="/membersonly/login.php">Log In</a> | <a href="/membersonly/logout.php">Log Out</a></p>
      <p>Call Statistics for <?php
  $myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/month.txt";
  $fh = fopen($myFile, 'r');
  $theData = fread($fh, filesize($myFile));
  fclose($fh);
  echo $theData;
  ?> as of <?php
  $myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/date.txt";
  $fh = fopen($myFile, 'r');
  $theData = fread($fh, filesize($myFile));
  fclose($fh);
  echo $theData;
  ?></p>
    <table width="90%" border="0" cellspacing="0" cellpadding="0">
    <tr>
      <td width="60%">EMS Calls</td>
      <td width="40%"><?php
  $myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/emscalls.txt";
  $fh = fopen($myFile, 'r');
  $theData = fread($fh, filesize($myFile));
  fclose($fh);
  echo $theData;
  ?></td>
    </tr>
    <tr>
      <td>Fire Calls</td>
      <td><?php
  $myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/firecalls.txt";
  $fh = fopen($myFile, 'r');
  $theData = fread($fh, filesize($myFile));
  fclose($fh);
  echo $theData;
  ?></td>
    </tr>
  </table>
    <hr />
      <div id="cse" style="width:100%;">Loading</div>
  <script src="http://www.google.com/jsapi" type="text/javascript"></script>
  <script type="text/javascript">
    google.load('search', '1');
    google.setOnLoadCallback(function(){
      new google.search.CustomSearchControl().draw('cse');
    }, true);
  </script>
       <!-- End Google Search Element -->
    </div>
    <!-- end #sidebar2 -->
    <div id="mainContent">
    <div class="top"></div><div class="wrap"><!-- InstanceBeginEditable name="Main Content" -->
      <table width="100%" border="0" cellspacing="0" cellpadding="0">
    <tr>
      <td height="47" class="h2">Members Only Area</td>
    </tr>
    <tr>
      <td><p><a href="/membersonly/documents.php">Useful Documents</a></p>
        <p><a href="/membersonly/IncidentCount01_08.pdf">Current Call Statistics</a> as of 9/3/09</p>
        </td>
    </tr>
  </table>
    <script type="text/javascript">
  <!--
  var MenuBar1 = new Spry.Widget.MenuBar("MenuBar1", {imgRight:"../SpryAssets/SpryMenuBarRightHover.gif"});
  //-->
  </script><!-- InstanceEndEditable -->
  </div>
  <div class="bottom"></div>
  </div>
       <!-- This clearing element should immediately follow the #mainContent div in order to force the #container div to contain all child floats --> <br class="clearfloat" />
    <div id="footer">
      <p align="center">&copy; Copyright 2009 Hondo Volunteer Fire Department | <a href="mailto:[email protected]">Contact Us</a><a href="http://www.legalhelpers.com/chapter-13-bankruptcy/chapter13.html"></a><br />Hosting provided by <a href="http://studiox.com/" target="_blank">Studio X</a></p>
    <!-- end #footer --></div>
  <!-- end #container --></div>
  <script type="text/javascript">
  <!--
  var MenuBar1 = new Spry.Widget.MenuBar("MenuBar1", {imgRight:"../SpryAssets/SpryMenuBarRightHover.gif"});
  //-->
  </script>
  <?php include_once("/var/home/hondovfd/hondovfd.org/www/analyticstracking.php"); ?>
  </body>
  <!-- InstanceEnd --></html>

  you don't need all that bloat.  set a session during login of some kind of uniquely identifying id.  i.e.
  $_SESSION['id'] = $row_rs['id'];
  then on the pages you need to protect, check it like this....
  <?php
  session_start();
  if (!(isset($_SESSION['id']) && $_SESSION['id'] != '')) {
  die(header("Location: http://www.notinprotectedareas.com")); }
  ?>
  you can use an include file i.e.
  <?php require_once('login_check.php'); ?>
  where file is name login_check.php to make your auth controls clean on your protected pages.

• Lock Box setting does not restrict access

  I have a folder that is set to restrict access - write only mode for everyone - so when my nephews visit, they cannot access my personal files. This is a single user/logon computer. A couple of times now when I click on the "locked" folder in Finder, it opens for full access. The contents of the finder window wiggled back and forth several times and the folder opened. I could also access the folder contents from application. When I did a get info, the settings were still for write only. I backed out of the folder to the desk top and then back to the folder and it behaved properly. Program access was also once more restricted.
  One perhaps unrelated thing. Just before this happened, when I clicked on any application on the dock, I got the appropriate finder window instead of switching to or launching the application. It too now works normally.
  Any ideas?

  Permissions repairs apply only to items that leave receipt information, essentially only items installed by Apple's installer. As far as stated features working correctly, the permissions system is designed around the user account concept. If you are trying to use it otherwise, you will be disappointed. The computer can't possibly know who is using it, only what account is trying to access something.
  Admin users have more privileges than other user accounts. This is necessary to managing the computer. If you want reliable privacy, you must create a less privileged account for others to use; otherwise they will have the same privileges you do. This is no different from leaving your front door unlocked because you want it to function for your convenience.
  Regarding folders with system as owner, none should be in your home directory, nor should you be able to change the owner's permissions to write only, whatever the owner is. You can change the permissions of another user added to the list to write only, or those of a group or others, but the owner must always have read privileges. The Finder should not let you violate this rule.
  Likewise, you should not have any folders with just admin, wheel, & everyone entries in the list. Admin & wheel are both groups (indicated by the two-headed silhouette icon) -- groups cannot be the principle owner (indicated by the one-headed silhouette icon). Missing entries indicate no access privileges for that entity & should never apply to the principle owner.
  One potential source of confusion is that non-owner users added to the permissions list also appear with the single-headed silhouette (these permissions are controlled by ACL entries, not the main owner/group/others settings) & sometimes the list in Get Info is not in strict owner/group/others sequence. There are also some anomalies associated with accounts migrated from Tiger.
  Because of all this, it is best not to trust the Get Info permissions info to give you the full permissions picture. For that, the Terminal is a better tool. You can use the "ls" command with the "-l" option to show expanded preference info, or with the "-l@e" option to show still more, including extended attributes & the ACL. (Note that the "l" character is a lower case ell, not a capital eye or a one.) If necessary, see the Mac OS X Manual Page For ls(1) for more info about how to use the command.

• Time restricted rule not working.

  BM 3.9 NW 6.5 SP7 iManager 2.6.
  I have a time restricted rule on a couple of web sites so that they can only be accessed outside working hours but they dont appear to work properly. Sometimes the site will be blocked and other times it goes straight to it. Also if I get the access denied page 403 as soon as you hit the back button the site will load and ignore the rule ! Is this a bug or is my rule incorrect ?
  Rule is set for allowable hours between 6pm to 7am with a lunch break between 12 and 2pm. It is alos set on a particular NDS container and I have specified the urls to be blocked. The allow box is ticked as I presumed that this meant it would only allow acces during the specified time. If I switch to deny it doesnt seem to make any difference. I know that if the page has been previously cached it will look for it there first so can I disable cache for this site ?
  Ay help to any part of this problem is much appreciated.

  I can't see the time being an issue as the page originates from the UK which is also where I am. It doesn't appear to work full stop. I added new rules for different web sites and none of them obey the time restrictions. I also tried deleting and recreating, using wildcards and substrings exclusions but nothing appears to make any difference. I have cleared the PC and BM cache as well. Now I cant seem to replicate the initial error when using the back button as the page is displayed anyway. Is there a definition for setting time rules as I cant seem to find much info on it. ie when setting the time restrictions you hughlight the bixes to allow access at those times. Then do you allow access or deny access on the rule ? What do you specify as the url you want to restrict. I itried Source, destination, url just about all options so what are the rule components needed to make it complete. If it helps I want to block Sky Sports | Home during working hours 6am to 12pm and 2pm to 6pm.
  Thanks,
  Jeff

• Problem with Restrict Access to Page with access level using ASP

  I'm using Dreamweaver CS3 with ASP-VBScript and an Access
  database. The pages were created from scratch for this project,
  using those tools all the way through.
  I've created a login page, an admin homepage, and add, edit,
  and list records pages for three tables. The login page uses the
  Server Behavior "Log in User", all other pages use the Server
  Behavior "Restrict Access to Page". All of these are based on an
  Access Level.
  Login seems to work correctly, and redirects to the admin
  homepage. From the admin homepage, I can open any other page as
  expected, and they initially display correctly. On the add and edit
  pages, however,
  submitting the form often results in getting logged out, but
  not always.
  Once this happens, I can log back in, but other problems will
  sometimes occur during that second login session. Sometimes,
  logouts will occur on pages that worked fine during the first login
  session. Sometimes, another session variable that I've setup
  manually will change when it shouldn't...as if there were two
  values stored for my session variable, and reloading the page
  changes to the other value.
  This
  post seems closest to my experience, but it doesn't look like
  there was really an answer beyond "I had to fight with it for a bit
  to get it to work":
  I suspected that there is some problem with session settings
  on the server. We have an almost identical tool on the same server
  that was developed with an older version of DW that works more
  reliably; it sometimes has problems with the initial login, but
  never has a problem after that.
  Has anyone experienced problems like this? Any suggestions
  for what to check? I'm really pulling my hair out since it's so
  unreliable...the kind of problem that goes away when you try to
  show someone and comes back when they leave.

  Hello,
  I was thinking that all I would need would be the username, although username and paswsword would be more secure.  There are about 50 users and no groups or levels.  They are all equal ... same level.
  The website is private and there is a general content area for all users and then there will be private areas for each user where proprietary documents will be held.  I need to be able to ensure that user 'A' can only see the user 'A' pages, user 'B' can only see user 'B', etc.
  I don't really understand what the Dreamweaver script is doing, but the overview sounded like it was the right tool to accomplish what I'm trying to do.
  Any assistance greatly appreciated.
  thanks.

• Restricted access to attachments in SRM 7.0 web applications

  Hi,
  We have a very specific problem regarding the handling of attachments with SRM 7.0 web applications. The system is configured to use ArchiveLink for storing documents on a remote content server, which is working fine.
  Now we have a requirement which should restrict access to certain documents to specific user groups. As an example you could say that a Purchase order has (besides others) two documents attached, e.g.
  - signed contract
  - meeting minutes
  The contract should only be visible to a limited number of people, whereas the Meeting Minutes are accessible to everybody.
  Our problem is that apparently only one Content Category ("BBPFILESYS") is used by the SRM web applications for an upload. When granting authorizations on this content category, we cannot distinguish between contracts and meeting minutes anymore.
  Comparing this with the config in ECC we can freely define document types which can be used in AUTH profiles. Is there any similar solution that can be used in SRM 7.0?
  Any help would be greatly appreciated.
  Cheers,
  Mark

  Hello,
  Have a look at note 1334202. It provides some inputs.
  Regards,
  Ricardo

• ASA WebVPN. How do you restrict access to users in an AD group using LDAP?

  Hi All,
  I am trying to configure separate WebVPN connection profiles to give different portal bookmark contents to users based on their AD group membership.  This has been very difficult, even though I beleive it should be easy.
  The login page of teh ASA by default has a dropdown to allow default users to access the default portal and the SSL VPN client connection.
  There are two other portals that I would like to restrict access to based on AD group membership.  I have set these up to be selected by URL.
  The biggest problem is, I have no way of knowing how to go about this.  The AAA LDAP options show a group membership search, which I have configured, but I cannot say "Profile X is restricted to AD group CarpetBaggers", so that if soneone that is NOT a carpetbagger tries to log in, it fails.
  I can only do an all or nothing scenario.
  It would be nice to use Dynamic Access Policies to do this, and I have created a few, but they do NOT seem to work when the drop down aliases or URLs are in use.  So how do I go about using them in this scenario?  Turning off the aliases or URLs is not really an option right now.
  Scenario 1 would work the best for me.  Restrict access to profiles/groups based on AD group membership using LDAP.
  Scenario 2 would be an ideal longer term solution.
  Any thoughts, ideas or assitance would be greatly appreciated.
  Cheers

  This is exactly what i was looking for, and Nelson is correct.  When you enter the DAP configuration for a profile click on "Advanced" and there is the option to create a logical expression.  The guide (ther is a button to access this) is really helpful, with a couple of examples.  This is what i used:
  assert(function()
     if ( (type(aaa.ldap.distinguishedName) == "string") and
          (string.find(aaa.ldap.distinguishedName, "OU=Users") ~= nil) )
  then
         return true
     end
     return false
  end)()
  from the debug dap you can see what Users relates to;
  DAP_TRACE: Username: MyUsername, aaa.ldap.distinguishedName = CN=Mr B,OU=Users,OU=Site ******,DC=CH,DC=Mycompany,DC=com
  My admin account fails to get me in to the same profile:
  DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["distinguishedName"]="CN=Admin Mr B,OU=Admin Users,OU=Site *****,DC=CH,DC=Mycompany,DC=com"
  Thanks
  Andrew

• HT201304 Is it possible to restrict access to specific IOS apps based on the WIFI profile that a user has connected to?

  Is it possible to restrict access to specific IOS apps based on the WIFI profile that a user has connected to?

  you might be able to block it if the app uses Internet access
  and depending on your wireless you might be able to block a specific user
  accessing the backend host that the app uses
  some firewalls offer application filtering but I'm not aware of any that work with ios apps

• Best way to restrict access to documents (outside of the group or library level)

  Hi, we're thinking of implementing SharePoint Server 2013 Standard Edition for our organization. Many of our employees are research scientists working on proprietary information. From the (admittedly little) I understand about SharePoint, if a user wants
  to restrict access to a particular document to the 2 or 3 people with whom they're collaborating (and also have it not appear in the search results), they will have to email their power user to request that a new document library be created in which they can
  store their documents. Is that correct? In this case, what is the best way to handle item-level permissions? Users absolutely want to have the freedom to restrict access to their documents themselves rather than being forced to go to their power user. Thanks.

  Hi,
  Per my knowledge, if you want to restrict access to the documents to some users, then you need to have Manage Permissions permission to modify other users’ permission on the documents.
  If you do not have the Manage Permissions permission, I recommend to ask the site administrator to create a workflow as below to remove the corresponding users’ permission on the documents which you uploaded. You can start the workflow on the document you
  upload and then the permission of the users set on the workflow will be removed from the document.
  Best regards.
  Thanks
  Victoria Xia
  TechNet Community Support

• How do you restrict access to custom applications?

  When I create portlets, there is usually an associated "admin" functionality that needs to be created for each custom application. An example is a shopping cart that we just created, we needed admins to be able to go in and upload photos.
  The way that I do this is I create a new portlet "Shopping Cart Admin" and restrict access to it that way. However, because I usually add everything in the /remoteserver/shoppingcart/. folder to the gateway space (its too painful to add one by one), this means that I can't put admin.aspx in that folder. So I usually end up creating a NEW folder /remoteserver/shoppingcartadmin/ for the admin portlet.
  Long story short, its a lot of work. I know that I could try to use activity rights, but those seem very global. How do you control edit access to your custom portlets?

  Well, there are a few different ways to go about it. You could add a preferences page with the admin functionality, and then an admin would just have to click the little pencil in the portlet titlebar. No admin/edit access, no little pencil.
  I have often set the visibility of an ASPX control directly from activity rights, in OnPageLoad, if it isn't postback time. The activity rights should be inherited by the user, through the user's group. Best practise is to create empty groups called Roles, add activity rights to the Roles, and then have the actual groups (that contain users) inherit from one or more Roles.
  You already knew that part, I added it for the others. My personal definition of a portlet is 'polymorphous instance of a web service'.
  So:
  Role: Store Manager (has Edit Shopping Cart activity right)
  ^
  Group: Store Managers (has Store Manager parent group)
  User: Vladimir (inherits Edit Shopping Cart activity right)