cocoon-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Antonio Gallardo" <>
Subject Re: Access session user data from flow
Date Tue, 09 Dec 2003 03:13:00 GMT
Jeremy Quinn dijo:
> On 8 Dec 2003, at 14:31, Antonio Gallardo wrote:
>> Upayavira dijo:
>>> Is it more useful to return a UserHandler than a boolean? The auth.js
>>> code is experimental, and can thus be changed. If you can supply a
>>> usecase as to why it should be changed, personally, I'd say go ahead
>>> and
>>> commit a change. It is good to have real users using the code, as
>>> what I
>>> came up with was just a first iteration.
> My use-case was that I wanted to read values from the authentication
> XML in my 'login' script, because we needed to see certain values (eg.
> the user's full name) outside of the security zone. I read the values I
> need and set them as Session Attributes.

I did the same :-D But I think you did it more general. I just added some
functions to allow this:

/* Returns the userID in the session */
function auth_getUserID() {
  var handler = "authhandler";
  var authMgr = null;
  try {
    authMgr = cocoon.getComponent(Packages.o.a.c...Authentication....ROLE);
    // autentication
    if (authMgr.checkAuthentication(null, handler, null)) {
      // User already autenticated, get the UserID
      var userId = authMgr.getState().getHandler().getUserId();
      return parseInt(userId);
  } finally {
  return null;

> A much better way of handling that IMHO would be to use a FlowScript
> based authentication pipeline, and set up the Session there. This
> unfortunately is still alluding us, we still get bizarre errors (null
> FOM_Request etc.) when attempting this, after much research ..... we
> now only get it the 2nd time someone logs in  =:'(  (deeply weird).

In our case, we have the code already stable. No problems.

> Another thing I have done to the flow-auth-fw is to Woodify it .....
> maybe you'd be more interested in that?

We have "woodified" code too. :-D

>> Hmm... I think this kind of changes will break the authentication for
>> people that already use it (I am one of them). I prefer to first talk
>> about this change and if it is OK. Make the change.
>> Is this OK?
> No offence Antonio , but is it a Sample or an API ? :)

Part of them is sample, but there is an auth.js inside the
authentication-fw block that is not a sample to me. I mean:


> But I am perfectly happy to discuss any changes that might be made ....

I agree. Lets discuss about it. I think it is a good idea. I don't have
problem to show the code we did. Is this OK? Then I am sure we can got a
better support for woody and flow in the auth-fw.

Best Regards,

Antonio Gallardo

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message