Using EnsureAccess to Access Solution Sites
The following figure shows the steps performed by the EnsureAccess subroutine. These steps are described immediately following the figure.
.gif "EnsureAccess logic diagram")
Authenticated Users
Page access is granted to users who are registered and authenticated (user type = AUTH_USER), and have a profile. Authenticated users without a profile are redirected to the error\profile.asp page. All other user types are redirected to the login\login.asp page. This is functionally equivalent to the EnsureAuthAccess function.
Anonymous Users
If login is not required, anonymous users (GUEST_USER) are allowed access to the page. The following steps are performed for anonymous users:
- If login is required on the site, the user is redirected to the login page.
- If the user has previously registered, the user is redirected to the welcome.asp page.
- Otherwise, access to the page is granted.
Anonymous Users
If login is not required, the EnsureAccess subroutine is re-called. The following steps are performed for anonymous users:
- If login is required on the site, the user is redirected to the login page.
- If profiling is enabled on the site, a new profile (with a globally unique identifier (GUID) for the user ID) is created for the user. Otherwise, only the GUID is generated for the user ID.
- The user ID is set in a Profile ticket either as a cookie (if enabled on the client) or a URL query string.
- The user type is changed to GUEST_USER and the access type to GUEST_VISIT.
- The EnsureAccess subroutine is called again in order to trigger the validation logic for anonymous users.
The following pages call the EnsureAccess subroutine:
See Also
Page-Level Access Control for Solution Sites
Using EnsureAuthAccess to Access Solution Sites
Using Anonymous Access for the Retail Solution Site
Copyright © 2005 Microsoft Corporation.
All rights reserved.