RE: [Junk E-Mail - LOW] [flexcoders] My authentication help
Can we see the CFC? Shan From: flexcoders@yahoogroups.com [mailto:[EMAIL PROTECTED] On Behalf Of Nick CollinsSent: Wednesday, July 12, 2006 9:18 AMTo: flexcodersSubject: [Junk E-Mail - LOW] [flexcoders] My authentication help I saw someone else posting about having custom authentication, but my issue is a bit different. I have an authentication script done in CFMX7 that seems to be working on the coldfusion side. Essentially it checks to see if the user is valid, if yes, it looks up the role they are assigned and returns that role along with a boolean value of TRUE that they are a valid user. If they're not a valid user, it returns FALSE. Simple enough. However, my problem is in integrating it on the Flex2 side. If I have the CFMX script return nothing when the username or password is invalid, it "works" and doesn't let them in. However, if I actually have it return the value of FALSE, for some reason it still lets them in. Not good. :-) Here's what I've got for my script, and as you can see, for the most part it's the same as what the CF Application Wizard generates.mx:Script ![CDATA[ import mx.events.ValidationResultEvent ; import mx.rpc.events.ResultEvent; import mx.rpc.events.FaultEvent; import mx.utils.ObjectUtil; import mx.controls.Alert; private var lso:SharedObject; private function initApp():void { this.lso = SharedObject.getLocal("auth"); if( this.lso.data['email'] != null ) { this.email.text = this.lso.data['email']; this.rememberLogin.selected = true; } if( this.lso.data['password'] != null ) { this.password.text = this.lso.data['password']; this.rememberLogin.selected = true; } } private function isValid():Boolean { var emailValidResult:ValidationResultEvent = this.emailValidate.validate(this.email.text); var pswdValidResult:ValidationResultEvent = this.pswdValidate.validate(this.password.text ); if (emailValidResult.type==ValidationResultEvent.VALID pswdValidResult.type==ValidationResultEvent.VALID) { return true; } else { return false; } } private function authenticateUser():void { if( isValid() ) { authManager.login( this.email.text, this.password.text ); } } private function errorMessage(msg:String):void { //Alert.show( ObjectUtil.toString(event.message) ); this.errorMsg.text = msg; this.errorMsg.height = 15; this.errorMsg.visible = true; } private function serverFault(event:FaultEvent):void { errorMessage( event.message['message']); } private function login_result(event:ResultEvent):void { // login successful, remember the user. if( Boolean(event.result) ) { if( this.rememberLogin.selected ) { this.lso.data['email'] = this.email.text; this.lso.data['password'] = this.password.text; } else { this.lso.data['email'] = null; this.lso.data['password'] = null; } this.dispatchEvent( new Event('loginSuccessful') ); } else { // login didn't work. show message errorMessage("Login unsuccessful"); } } ]] /mx:Script In the login_result function it's checking the boolean result from the RemoteObject, yes? So how come when the remoting returns FALSE it still goes through? Any ideas? --No virus found in this incoming message.Checked by AVG Free Edition.Version: 7.1.394 / Virus Database: 268.9.10/386 - Release Date: 7/12/2006 __._,_.___ -- Flexcoders Mailing List FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.com SPONSORED LINKS Web site design development Computer software development Software design and development Macromedia flex Software development best practice YAHOO! GROUPS LINKS Visit your group "flexcoders" on the web. To unsubscribe from this group, send an email to:[EMAIL PROTECTED] Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service. __,_._,___ -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.394 / Virus Database: 268.9.10/386 - Release Date: 7/12/2006
Re: [Junk E-Mail - LOW] [flexcoders] My authentication help
On Wednesday 12 July 2006 15:31, Shannon Hicks wrote: Can we see the CFC? Shannon could also turn on the flex gateway debug (bottom of the services xml file) and double-check what is coming back. IIRC, return bools from CF appear as strings in AS. -- Tom Chiverton This email is sent for and on behalf of Halliwells LLP. Halliwells LLP is a limited liability partnership registered in England and Wales under registered number OC307980 whose registered office address is at St James's Court Brown Street Manchester M2 2JF. A list of members is available for inspection at the registered office. Any reference to a partner in relation to Halliwells LLP means a member of Halliwells LLP. Regulated by the Law Society. CONFIDENTIALITY This email is intended only for the use of the addressee named above and may be confidential or legally privileged. If you are not the addressee you must not read it and must not use any information contained in nor copy it nor inform any person other than Halliwells LLP or the addressee of its existence or contents. If you have received this email in error please delete it and notify Halliwells LLP IT Department on 0870 365 8008. For more information about Halliwells LLP visit www.halliwells.com. Yahoo! Groups Sponsor ~-- Great things are happening at Yahoo! Groups. See the new email design. http://us.click.yahoo.com/TISQkA/hOaOAA/yQLSAA/nhFolB/TM ~- -- Flexcoders Mailing List FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.com Yahoo! Groups Links * To visit your group on the web, go to: http://groups.yahoo.com/group/flexcoders/ * To unsubscribe from this group, send an email to: [EMAIL PROTECTED] * Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
Re: [Junk E-Mail - LOW] [flexcoders] My authentication help
cffunction name=login access=remote returntype=boolean cfargument name=email required=false/ cfargument name=password required=false/ CFQUERY name=GetUser datasource=#DSN# SELECT tblSFUsers.UserID, tblSFUsers.User_Name, tblSFUsers.Password FROM tblSFUsers WHERE User_Name= cfqueryparam value=#arguments.email# cfsqltype=cf_sql_varchar AND Password = cfqueryparam value=#Hash(arguments.password)# cfsqltype=cf_sql_varchar /CFQUERY cfset ucomparison = Compare(arguments.email, getuser.user_name )/ cfset pcomparison = Compare(Hash(arguments.password), getuser.password)/ CFIF GetUser.recordcount gt 0 AND ucomparison eq 0 AND pcomparison eq 0 cfquery name=GetSessionSecurity datasource=#DSN# SELECT tblSFAccessLevels.LevelID, tblSFSecurity_Framework.levelid, tblSFSecurity_Framework.useridFROM tblSFAccessLevels INNER JOIN tblSFSecurity_Framework ON tblSFAccessLevels.LevelID = tblSFSecurity_Framework.levelidWHERE tblSFSecurity_Framework.userid = cfqueryparam value=#getuser.userid# cfsqltype=cf_sql_integer /cfquery cfset userRole = #valuelist(GetSessionSecurity.levelid)# cfreturn true CFELSE cfreturn false /CFIF/cffunction On 7/12/06, Shannon Hicks [EMAIL PROTECTED] wrote: Can we see the CFC? Shan From: flexcoders@yahoogroups.com [mailto:flexcoders@yahoogroups.com] On Behalf Of Nick CollinsSent: Wednesday, July 12, 2006 9:18 AMTo: flexcodersSubject: [Junk E-Mail - LOW] [flexcoders] My authentication help I saw someone else posting about having custom authentication, but my issue is a bit different. I have an authentication script done in CFMX7 that seems to be working on the coldfusion side. Essentially it checks to see if the user is valid, if yes, it looks up the role they are assigned and returns that role along with a boolean value of TRUE that they are a valid user. If they're not a valid user, it returns FALSE. Simple enough. However, my problem is in integrating it on the Flex2 side. If I have the CFMX script return nothing when the username or password is invalid, it works and doesn't let them in. However, if I actually have it return the value of FALSE, for some reason it still lets them in. Not good. :-) Here's what I've got for my script, and as you can see, for the most part it's the same as what the CF Application Wizard generates.mx:Script ![CDATA[ import mx.events.ValidationResultEvent ; import mx.rpc.events.ResultEvent; import mx.rpc.events.FaultEvent; import mx.utils.ObjectUtil; import mx.controls.Alert; private var lso:SharedObject; private function initApp():void { this.lso = SharedObject.getLocal(auth); if( this.lso.data['email'] != null ) { this.email.text = this.lso.data['email']; this.rememberLogin.selected = true; } if( this.lso.data['password'] != null ) { this.password.text = this.lso.data['password']; this.rememberLogin.selected = true; } } private function isValid():Boolean { var emailValidResult:ValidationResultEvent = this.emailValidate.validate(this.email.text); var pswdValidResult:ValidationResultEvent = this.pswdValidate.validate(this.password.text ); if (emailValidResult.type==ValidationResultEvent.VALID pswdValidResult.type==ValidationResultEvent.VALID) { return true; } else { return false; } } private function authenticateUser():void { if( isValid() ) { authManager.login( this.email.text, this.password.text ); } } private function errorMessage(msg:String):void { //Alert.show( ObjectUtil.toString(event.message) ); this.errorMsg.text = msg; this.errorMsg.height = 15; this.errorMsg.visible = true; } private function serverFault(event:FaultEvent):void { errorMessage( event.message['message']); } private function login_result(event:ResultEvent):void { // login successful, remember the user. if( Boolean(event.result) ) { if( this.rememberLogin.selected ) { this.lso.data['email'] = this.email.text; this.lso.data['password'] = this.password.text; } else { this.lso.data['email'] = null; this.lso.data['password'] = null; } this.dispatchEvent( new Event('loginSuccessful') ); } else { // login didn't work. show message errorMessage(Login unsuccessful); } } ]] /mx:Script In the login_result function it's checking the boolean result from the RemoteObject, yes? So how come when the remoting returns FALSE it still goes through? Any ideas? --No virus found in this incoming message.Checked by AVG Free Edition.Version: 7.1.394 / Virus Database: 268.9.10/386 - Release Date: 7/12/2006 -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.394 / Virus Database: 268.9.10/386 - Release Date: 7/12/2006 __._,_.___ -- Flexcoders Mailing List FAQ:
Re: [Junk E-Mail - LOW] [flexcoders] My authentication help
Ok, so CF returns booleans as strings... so how might I go about converting those strings back to booleans in the AS code?On 7/12/06, Tom Chiverton [EMAIL PROTECTED] wrote: On Wednesday 12 July 2006 15:31, Shannon Hicks wrote: Can we see the CFC?Shannon could also turn on the flex gateway debug (bottom of the services xmlfile) and double-check what is coming back. IIRC, return bools from CF appear as strings in AS.--Tom ChivertonThis email is sent for and on behalf of Halliwells LLP.Halliwells LLP is a limited liability partnership registered in England and Wales under registered number OC307980 whose registered office address is at St James's Court Brown Street Manchester M2 2JF.A list of members is available for inspection at the registered office. Any reference to a partner in relation to Halliwells LLP means a member of Halliwells LLP. Regulated by the Law Society. CONFIDENTIALITYThis email is intended only for the use of the addressee named above and may be confidential or legally privileged.If you are not the addressee you must not read it and must not use any information contained in nor copy it nor inform any person other than Halliwells LLP or the addressee of its existence or contents.If you have received this email in error please delete it and notify Halliwells LLP IT Department on 0870 365 8008. For more information about Halliwells LLP visit www.halliwells.com. Yahoo! Groups Sponsor ~--Great things are happening at Yahoo! Groups.See the new email design. http://us.click.yahoo.com/TISQkA/hOaOAA/yQLSAA/nhFolB/TM~--- Flexcoders Mailing ListFAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txtSearch Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.comYahoo! Groups Links* To visit your group on the web, go to:http://groups.yahoo.com/group/flexcoders/ * To unsubscribe from this group, send an email to:[EMAIL PROTECTED]* Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/ __._,_.___ -- Flexcoders Mailing List FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.com SPONSORED LINKS Web site design development Computer software development Software design and development Macromedia flex Software development best practice YAHOO! GROUPS LINKS Visit your group "flexcoders" on the web. To unsubscribe from this group, send an email to:[EMAIL PROTECTED] Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service. __,_._,___