Password protect form

  • Thread starter Thread starter Mark Schirle
  • Start date Start date
M

Mark Schirle

Hi,
I want to password protect a form. But I want to be able to use the
users password. I have a front end /back end database using user
security. I have a work station that will be shared. Even though one
user logs onto the program I want to be able to allow other users to add
orders under their name. Since they are part of the mdw file can I
create a form asking for user name and password and then verify this
against info in the mdw file. I can verify the username but i'm having
trouble with the password. Any help would be appreciated.
TIA
 
Access security is session-based ... when you open Access (the program, not
an individual database) you are logging to ULS (User Level Security) at that
time. The user is validated through the .mdw file, and once the user is
validated passwords don't come into play any longer. You can always check
the user by opening a new DBEngine (which allows you to specify and
therefore validate another user), but that's like using a sledgehammer to
drive in a thumbtack.

If, however, you want to do this check online help for Workspace ... I
believe there's a good example of doing something like this.
 
Hi,

My name is Eric. Thank you for using the Microsoft Access Newsgroups.

You wrote:
"Since they are part of the mdw file can I create a form asking for user
name and password and then verify this against info in the mdw file. I can
verify the username but i'm having trouble with the password."


SOLUTION:
I might be missing something here but if the User is in the MDW file and
he's already logged into your application (has to log in the application
before he gets into the Form) then Access Security has verified that this
the correct User. From there you don't need to authenticate his password
you only need to have your code set whatever permissions preventing
whatever user. Example:

IF CurrentUser = "Bob" THEN
DoCmd.OpenForm ......
End IF


ACC2000: How to Change User Passwords Programmatically Using DAO
http://support.microsoft.com/default.aspx?scid=kb;en-us;200665

I hope this helps! If you have additional questions on this topic, please
respond back to this posting.


Regards,

Eric Butts
Microsoft Access Support

"Microsoft Security Announcement: Have you installed the patch for
Microsoft Security Bulletin MS03-026? If not Microsoft strongly advises
you to review the information at the following link regarding Microsoft
Security Bulletin MS03-026
<http://www.microsoft.com/security/security_bulletins/ms03-026.asp> and/or
to visit Windows Update at <http://windowsupdate.microsoft.com/> to install
the patch. Running the SCAN program from the Windows Update site will help
to insure you are current with all security patches, not just MS03-026."
 
Thanks for your help but I'm not explaining what I need clear enough.
I need to be able to verify a different user while another user is
logged on. The PC is in a open area. Multiple people use it. I dont
want to make them shut the program down and open it under their name
just to use one form but I need to know that the person using the form
is ok to use it. I also need to capture their username for a short
while.
I can easily verify if the username is a valid username but I want to
be able to do something like this
if txtpwd = .password then
let them use the form
else
get the hell out of here
end if
 
Just create a temporary new workspace with the relevent username & password.
If this >works<, the username/password combination is valid. If it
doesn't<, either or both are incorrect.

(untested)

dim ws as workspace
on error resume next
set ws = dbengine.createworkspace ( , "fred", "s3cr3t")
if err.number = 0 then
' fred/s3cr3t is a valid username/password.
else
' it is not.
endif
on error goto 0
set ws = nothing

Check the parameter order in the createworkspace statement. I don't have
Access here to check.

HTH,
TC
 
Creating the temporary workspace is the best solution!!

Otherwise just think what your solution would be:
- read the password of the User that is currently logged in.
In turn would allow you to read the password of every user. Thereby,
defeating the purpose of security.
 
Back
Top