Running this function in a given page will verify via session variables if the user is currently logged in using their Active Directory account (referred to as Link Blue by UK), and part of an authorized group. At the time of writing, I do not have access to the necessary ou containers, so groups are passed through an array parameter in the function call. Not exactly Fort Knox security, but is enough to squash spammers and stop curious onlookers. More importantly, internal customers are no longer able to skip or fudge registration information on various forms and training materials.
Action Flow
- User in session.
- No authorized list provided.
- User name is found in authorized list.
- Page loads normally.
- User is not part of authorized list.
- Rejection message is prepared; user is then sent to sign in page and given message.
- User not in session.
- Message with URL to return is prepared. user is sent to sign in page page and will be given message on successful log in.
1 Comment