Unauthorized user

Scriptcase 9 General
#1

After deploy on server all the user get error (Unauthorized user ) except admin (administrator privilege).

Can you help me?

#2

If I understand correctly, you have deployed a secured project, but only the admin account can access the applications. But can you provide a few more details? Like

  • Do the users exist in the database?
  • How is the password secured?
  • Are your users seeing the login form as the default page?
  • What sort of security has been applied “User”, “Application” or “Group”?
  • Have you assigned the user permissions correctly, especially if you are using “Application” security?
#3

I’m getting same problem All my users call me about the same message, before it worked fine.
This message appears after some time maybe 60 Minutes. I need fix it Urgent:
[ATTACH=CONFIG]n76410[/ATTACH]

sc_user_not_auth.JPG

#4

One thing to try is to check the security box ‘run stand-alone’. It’s one of the newer security options to prevent hacks and I suspect that your main application(s) are set to ‘on’. Only your main applications that should be able to start-up w.o. logging on should be set to off.

#5

Hi, Albert, I was viewing the option for security. It appear be well.
I enter to my app fine but, in maybe 30 minutes, It Show the message.

Add message error with my options in security:
[ATTACH=CONFIG]n76432[/ATTACH] [ATTACH=CONFIG]n76433[/ATTACH]
I have my App opened and i can enter to my forms. But, after 30 Minutes, If i select one option of my menu, appears the message.

ERROR_USER2.JPG

sc_error_options.JPG

#6

Hi Alvagar,

Could it be that your php session has expired? Another option is that your csrf token has expired (if you use that).

#7

This is my Configutions in my forms for security ( and Php configuration, I am using a VPS):

[ATTACH=CONFIG]n76441[/ATTACH] [ATTACH=CONFIG]n76442[/ATTACH]

sc_usernot_form_security.JPG

sc_usernot_php_security.JPG

#8

Here. my infophp for sessions:

[ATTACH=CONFIG]n76448[/ATTACH]

sc_usernot_phpinfo_security.JPG

#9

Well php session time is around an hour which is longer than 30 minutes. Have you set csrf to on? Then you need to look into the code to see which limit is in use as this is a software solution, not a php solution. Otherwize I’m out of options. There could be a sessiontime override somewhere, i.e. in scriptcase code. Otherwise I have no clue. On the other hand, if this is the case after 30 minutes of idle, I personally wouldn’t mind but …

#10

I Changed all my forms and controls: CSRF to ON, but the problems persist.

#11

Sorry, I’m out of options. Bugreport?

#12

Thanks for your help, I will look for some other option that I believe can solve.

#13

I am following this with interest. Please let us know if you find a fix.

#14

Hi, jack, I am trying solve it. I have other app con codeigniter and It works fine, My App with SC and App Codeigniter both work under the same domain.
I do not Know Why. with SC i have this problem and with Codeigniter No. In this moment i am installing SSL, Maybe It can help me.

#15

I think I have found it. In the Scriptcase option->settings there’s a scriptcase session time out parameter and it’s default is… 30 minutes.

#16

I already had tried with That Option. I have set 600 Min for SC session Timeout.
I can see SC have other option in Settings. I Will try with each one (Maybe Pass the PHP session ID in the Url).

This is my configuration in my setting: (There is an option for SSL)

[ATTACH=CONFIG]n76482[/ATTACH]

SC_setting.jpg

#17

Mind you, the malware need not even be on your site.

#18

You mean that an infection caused your trouble?