On Wednesday, 24. April 2002 17:58, Tod Harter wrote:
> Does someone have an example setup for using the AxKit::XSP::Auth taglib?
> The learning curve on this thing is kind of steep ;o). Specifically I'm a
> bit unclear on the useage of the <auth:login/> tag. Some example XSP would
> be really handy!
Here is an excerpt from an actual XSP page I use:
Imagine a ESQL query around this snippet which retrieves an encrypted
password+userdata. $input_pass contains the password passed through the login
form.
-----------------------------------------------------------------------
<esql:row-results>
<xsp:logic>
if (<auth:password-matches>
<auth:clear><xsp:expr>$input</xsp:expr></auth:clear>
<auth:encrypted><esql:get-string column="password"/></auth:encrypted>
</auth:password-matches>) {
<auth:login>
<auth:access type="user"><esql:get-string
column="login"/></auth:access>
<auth:access type="level"><esql:get-int column="level"/></auth:access>
<xsp:logic>
foreach my $group (split(/,/,<esql:get-string column="groups"/>)) {
<auth:access
type="group"><xsp:expr>$group</xsp:expr></auth:access>
}
</xsp:logic>
</auth:login>
}
</xsp:logic>
</esql:row-results>
------------------------------------------------------------------------
That site uses the three authorization values "user", "group" and "level" -
this is completely optional, you can get away with only using "user" (which
is mapped to $r->user and even appears in the httpd log file), or you can
implement other authorization values via subclassing.
The only difference between <auth:login> and <auth:set-access> is that a
previously logged in session with the same "user" value is logged out (one
login per user).
--
CU
Joerg
PGP Public Key at http://ich.bin.kein.hoschi.de/~trouble/public_key.asc
PGP Key fingerprint = D34F 57C4 99D8 8F16 E16E 7779 CDDC 41A4 4C48 6F94
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
