J�rg Walter <[EMAIL PROTECTED]> writes:
> On Monday 02 September 2002 19:28, Mark A. Hershberger wrote:
>
>> works correctly when I call it directly. When I attempt to go to
>> location protected via the Session component (/admin/edit.xsp), I
>> get the login screen (internal redirect to /login.xsp), but
>
> It should be an external redirect. It looks like a bug in the session plugin -
> I never used LoginScript myself. I will look into this, but don't hold your
> breath.
If you think it is going to be a while, could you fix the
documentation so that it doesn't give people the wrong idea?
> As a well-tested alternative, use LoginScript None,
> ErrorDocument 403 /redirect?url=/login.xsp, and 'require not
> user guest'
Ok...
So I found that I was using an older version of Apache::Session.
Upgrading that made things work a little better, but if I send a
user to a page with some query string, say "id=1212", the string
is truncated when it is redirected to the authentication page. I
suspect the orig_save_params() function, for what its worth.
Is it possible that you could point me to a working set of
examples? Something that covers authentication with Session? I
have been trying to get authentication to work, but I seem to be
extremely dense because re-reading the pod, searching the mailing
list archives, etc. leaves me with no leads. If there is just
some example code w/o documentation, I'd be happy to write up a
howto (provided I figure it out).
The docs, by the way are wrong here, as well:
To use authentication, you have to provide a login script
which displays a login form, verifies those values and
calls Apache::AxKit::Plugin::Session->login($r,$user_name)
on success. This can easily be done with the PerForm XSP
taglib combined with the Auth taglib. If you want logouts,
you have to write a custom logout script. Both functions
are provided in the Auth XSP taglib for ease of use.
This is incorrect since the login function in the source uses the
second argument for a destination, not a user name. It seems to
be talking about authen_cred() instead.
Mark.
--
If you don't have the time to do it right, where are you going to find
the time to do it over?
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
