cocoon-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gerry Kaplan" <>
Subject Authentication question
Date Mon, 07 Nov 2005 03:17:30 GMT
My application requires an additional step for authentication. First, the
user id and password must be validated as usual. I have this part working
just fine. Once the user is authenticated, an additional check needs to be
made to determine whether the user's account status is "active". If the user
is "suspended" (possibly due to a declined credit card transaction), then I
want the user to be redirected to a page which tells them to contact
customer support -- they should not be allowed to be authenticated.

What is the best way to handle this. 

Here's a simple flow for what I need:

User fills in the login page.
If userid/pwd correct
   if account status is "OK"
      redirect to user's home page
      invalidate the user's session
      redirect to "contact us" page
   redirect to "incorrect pwd, try again" page.

Certainly this is a common scenario. I read through the Authentication
framework and understand the basic authentication (which is working fine),
but I don't understand what the additional configuration options give me
(there's no examples of how to use them).

Help please?


View raw message