By: Gokhan Ergul
Abstract: This article presents a component that adds a network domain authentication feature to WebSnap. By Gokhan Ergul.
Complete source code for the component and a test project can be found on
If you've had the pleasure of using Delphi 6, you know by now
that -- among a zillion other things -- it performs a lot of tasks with snap: BizSnap,
DataSnap, and the brand new WebSnap. The new components and gizmos are nice,
and they reflect an important truth. Borland has proved once again its expertise
in developing open and extensible frameworks.
WebSnap is of course no exception, as I am about to demonstrate. The
component shown below adds just a few blocks over the architecture
already laid by Borland's WebSnap architects.
Out of the box, WebSnap offers components to add log0in facilities to your Web
sites, and does that without requiring you to write a single line of code
(that's the "snap" part). Renowned TeamB member Nick Hodges has
already shown how to do that in a previous
community article, so I'll just skip to the issue at hand.
If you've already done some work with WebSnap, you're probably tempted to
write a dozen Web-based pet applications just for sport, or perhaps to
facilitate your office productivity -- a Web-based to-do list for you and your
colleagues, a calendar with your appointments on it, a bug-tracking system
for your products -- well, you name it. Now, those apps
won't be quite as slick if they don't require users to log on,
so you'll have to manage user lists and passwords for each app you put on your
Well that's pesky, at best. And unnecessary, if you have a Windows
NT/2000 network somewhere around, since it would surely provide you with
authentication facilities without much hassle, and you wouldn't have to ask your
users to remember yet another Web-site password to use your apps.
My DomainLoginFormAdapter component solves this problem: It takes the username and
password supplied on the log-in page and passes them to the Win32 log-on API to
perform behind-the-scenes authetication through the designated domain or
server. If the log-on attempt succeeds, the user name is added to the WebUserList
component of your WebSnap application and WebSnap processing continues as
The implementation is actually quite easy. The key part is to override the
log-in mechanism supplied by TLoginFormAdapterLoginAction to call the log-on API:
TDomainLoginFormAdapterLoginAction = class(TLoginFormAdapterLoginAction)
procedure ImplExecuteActionRequest(AActionRequest: IActionRequest; AActionResponse: IActionResponse); override;
ImplExecuteActionRequest, which is practically the same as
its overriden version, calls DoDomainLogin:
with TCustomDomainLoginFormAdapter(Adapter) do begin
if UserList <> nil then
UserID := DoDomainLogin
UserID := UserName;
This code in turn resorts to Win32's LogonUser API call to perform the
authentication. If the call succeeds, the user is added to the WebUserList for
WebSnap to refer to it later. And that's about it. Easy, huh?
Please be warned that log-on API is available only on Windows NT/2000 (and
most probably on XP), so this component will not work on a Win9x. But you
surely use a real operating system on your development/deployment machines,
Another requirement of the log-on API is that the calling process must have the SE_TCB_NAME
privilege, which is granted through the "Act as part of operating
system" access right. This shouldn't be an issue on deployment machines,
since system-level services already have that privilege granted, so your WebSnap
application running as a process under IIS will have no difficulty. But if
you're developing and testing your application on Web App Debugger, you should
make sure that right is granted to the logged-on user on your NT/2000 box.
So much for warnings -- let's get back to work.
To get it all working, all you need to do
is create your WebSnap app as usual, and then put a TDomainLoginFormAdapter
component on your log-in page instead of a TLoginFormAdapter. Set the DomainName
property to the name of the domain/server that will authenticate your
users, and you're all set. Run the app, enter your domain user name and password, and
Now other thoughts spring to mind, but, hey, those will require a little more
Gokhan Ergul is a Delphi
user since Delphi 1, and grows to like it more with every new version. He can be
found watching Galatasaray
games and Star Trek TNG episodes, reading
sociology and sci-fi books when he's not coding -- which is not so often!
Try Delphi XE4 free for 30 days
New Instant Trial!
Webinars on demand!
More social media choices:
Delphi on Google+
@RADTools on Twitter
Server Response from: ETNASC01