cocoon-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Antonio Gallardo" <agalla...@agsoftware.dnsalias.com>
Subject Re: Access session user data from flow
Date Tue, 09 Dec 2003 03:13:00 GMT
Jeremy Quinn dijo:
>
> On 8 Dec 2003, at 14:31, Antonio Gallardo wrote:
>
>> Upayavira dijo:
>>> Is it more useful to return a UserHandler than a boolean? The auth.js
>>> code is experimental, and can thus be changed. If you can supply a
>>> usecase as to why it should be changed, personally, I'd say go ahead
>>> and
>>> commit a change. It is good to have real users using the code, as
>>> what I
>>> came up with was just a first iteration.
>
> My use-case was that I wanted to read values from the authentication
> XML in my 'login' script, because we needed to see certain values (eg.
> the user's full name) outside of the security zone. I read the values I
> need and set them as Session Attributes.

I did the same :-D But I think you did it more general. I just added some
functions to allow this:

/* Returns the userID in the session */
function auth_getUserID() {
  var handler = "authhandler";
  var authMgr = null;
  try {
    authMgr = cocoon.getComponent(Packages.o.a.c...Authentication....ROLE);
    // autentication
    if (authMgr.checkAuthentication(null, handler, null)) {
      // User already autenticated, get the UserID
      var userId = authMgr.getState().getHandler().getUserId();
      return parseInt(userId);
    }
  } finally {
    cocoon.releaseComponent(authMgr);
  }
  return null;
}

> A much better way of handling that IMHO would be to use a FlowScript
> based authentication pipeline, and set up the Session there. This
> unfortunately is still alluding us, we still get bizarre errors (null
> FOM_Request etc.) when attempting this, after much research ..... we
> now only get it the 2nd time someone logs in  =:'(  (deeply weird).

In our case, we have the code already stable. No problems.

> Another thing I have done to the flow-auth-fw is to Woodify it .....
> maybe you'd be more interested in that?

We have "woodified" code too. :-D

>> Hmm... I think this kind of changes will break the authentication for
>> people that already use it (I am one of them). I prefer to first talk
>> about this change and if it is OK. Make the change.
>>
>> Is this OK?
>
> No offence Antonio , but is it a Sample or an API ? :)

Part of them is sample, but there is an auth.js inside the
authentication-fw block that is not a sample to me. I mean:

org/apache/cocoon/webapps/authentication/flow/javascript/auth.js

> But I am perfectly happy to discuss any changes that might be made ....

I agree. Lets discuss about it. I think it is a good idea. I don't have
problem to show the code we did. Is this OK? Then I am sure we can got a
better support for woody and flow in the auth-fw.

Best Regards,

Antonio Gallardo


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org


Mime
View raw message