By default, the server uses the DataEase Users table for authentication, but you can also use your own table. To do that, you have to add a few lines to the rdrrxaaa.ini file. Here are the details. All fields except the one marked as the password field are also added to session variables.

| Ini name | What | Default |
| --- | --- | --- |
| AuthTable | The table that will be used for authentication. | Users |
| AuthFieldUsername | The field in the table used for the username. | Name |
| AuthFieldPassword | The field in the table used for the password. | Password |
| AuthFieldLevel | The field in the table used for the level. | Level |
| AuthLevelDefault | The default level used if nothing is set in the table. | Low3 |
| AuthMethod | Can be plaintext or hash. The plaintext method checks the password as sent from the user; the hash method uses the next three settings to define how it works. | plaintext |
| AuthHashType | Can be MD5 or SHA1. | |
| AuthSaltPre | The text to put in front of the password before doing the hash. | |
| AuthSaltPost | The text to put after the password before doing the hash. | |

No setting means Users.

Example of setting custom authentication

I created a new table named "Authentication" with the following fields, plus a button that generates the password hash manually for a new user, since this example shows how to use hash as the authentication method. This way we do not store the user's actual password, only a salted hash that cannot be reversed; it can only be checked if you have the right salt and hash method.

| Field | What | Map to |
| --- | --- | --- |
| EMail | We use the email as the user name when authenticating. It is much easier to remember, and there is no need for both a username and an email address as long as this is what we use. | AuthFieldUsername |
| FirstName | Person's first name, to be used in the heading. | Extra |
| PWHash | | AuthFieldPassword |
| LastName | Person's last name. | Extra |
| Level | A choice field with the level. It should not be shown to people who are registering online. It should have a low default and be raised by an administrator. To save data you would need Medium3. | AuthFieldLevel |
| Password | A virtual editable field where you can enter your password in clear text, with a button that saves the hash to the PWHash field that will be stored. This field and button can be used to reset passwords for users, but the password itself can never be restored by reading the hash. | Virtual |

List of fields and what we use them for.

define temp "TheHash" Text 250.
define temp "PW" Text 250 .
define temp "prehash" Text 250 .
define temp "posthash" Text 250 .
define temp "Dummy" Text .
prehash := DEOS("@AppIniGet" , "Server" , "AuthSaltPre") .
--Dummy := alert(concat("Prehash: " , prehash)) .
posthash := DEOS("@AppIniGet" , "Server" , "AuthSaltPost") .
--Dummy := alert(concat("Posthash: " , posthash)) .
PW := GetValue("Password") .
TheHash := DEOS("@Hash", "SHA1", concat(prehash , PW , posthash)) .
PW := SetValue("PWHash",TheHash) .

Code on the button, with Action Execute DQL, to create and store a password in the form. If you look at the concat that creates the hash with DEOS("@Hash"...), there are prehash and posthash variables that are read from the AuthSaltPre and AuthSaltPost values in the [Server] section of the RDRRxAAA.INI file. The password check routine needs these values to validate the password.

The next step is to configure the method in the RDRRxAAA.INI file used for application configuration.


This example is for the live server; to use it with the development server, change [Server] to [DevServer]. Generate pre and post salts that are at least 20 characters long using a password generator.
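The hash scheme described above (AuthSaltPre + password + AuthSaltPost, hashed with AuthHashType), reproduced outside DataEase so a stored PWHash value can be checked independently. This is an added example, not code from the original page or from DataEase. Assumptions: key=value INI syntax, UTF-8 encoding of the concatenated string, hex output from DEOS("@Hash"); the salt values and all function names are constructed for illustration.

```python
import configparser
import hashlib
import hmac
import secrets
import string

# Constructed sample of the [Server] section for the "Authentication" table above.
# key=value syntax and both salt values are assumptions, not taken from the page.
SAMPLE_INI = """
[Server]
AuthTable=Authentication
AuthFieldUsername=EMail
AuthFieldPassword=PWHash
AuthFieldLevel=Level
AuthMethod=hash
AuthHashType=SHA1
AuthSaltPre=constructed-pre-salt-0001
AuthSaltPost=constructed-post-salt-0001
"""

def load_settings(ini_text):
    cfg = configparser.ConfigParser(interpolation=None)  # salts may contain '%'
    cfg.read_string(ini_text)
    return cfg["Server"]

def password_hash(settings, password):
    """Hash pre-salt + password + post-salt, in the same order as the button's concat."""
    algo = settings.get("AuthHashType", "SHA1").lower()
    if algo not in ("md5", "sha1"):
        raise ValueError("AuthHashType must be MD5 or SHA1")
    data = settings.get("AuthSaltPre", "") + password + settings.get("AuthSaltPost", "")
    return hashlib.new(algo, data.encode("utf-8")).hexdigest()

def check_password(settings, password, stored_hash):
    # Constant-time comparison; hex case of the stored value is normalised (assumption).
    candidate = password_hash(settings, password)
    return hmac.compare_digest(candidate, stored_hash.strip().lower())

def new_salt(length=20):
    # Cryptographically random salt of the minimum length recommended above.
    alphabet = string.ascii_letters + string.digits
    return "".join(secrets.choice(alphabet) for _ in range(length))
```

Because the pre and post salts are shared by every row, two users with the same password get the same PWHash value, and changing either salt in the INI file invalidates all stored hashes.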