Logging in a user: Session Variable Require Round Trip?

Tue, 02 Mar 2004 07:50:23 -0800

Hi all,

It's the crux of any application. I'm maintaining state through session
variables which are set within the cflogin tag on the application.cfm
template. Once I verify the user, I set a variable called
Session.Agency_No right there in the application.cfm tag (see code
below).

The problem is that I get an error that this session variable is not
set, and I think I know why - a redirect is required in order for the
application to set the cookie on the client, correct? This may explain
the fact that if I log out (which structClears the session) and log back
in, the cookie matches the session variable and the app works.

In the past, I've always used a meta refresh in my login page, and I
guess I still need one. So, if I need a redirect for session variables,
how is it that cfLoginUser does not need one? And what is the preferred
method in doing the round trip (Meta refresh, cflocation,
getPageContext().forward(), etc.)? Is there any way around it? Does
anyone successfully set session variables within the cflogin tag?

Thanks in advance for any assistance.

<cflogin IDLETIMEOUT="1800">
   <cfif cflogin.name is "" or cflogin.password is "">
      <H2>Error: You must enter text in both fields.</H2>
      <cfinclude TEMPLATE="loginform.cfm">
      <cfabort>
    <cfelse>
      <cfquery NAME="loginQuery" DATASOURCE="#request.SECURITYdsn#">
      Select a.AgencyNo, a.UserName, a.Password, b.IOCSystem,
b.AccessLevel
FROM WEBUsers AS a INNER JOIN IOCWebSysAccess AS b on a.AgencyNo
= b.AgencyNo and a.Username=b.UserName
where  a.AgencyNo = '#form.agency#'
      AND a.UserName = '#cflogin.name#'
      AND a.Password = '#cflogin.password#'
      </cfquery>
      <cfif loginQuery.AccessLevel NEQ "">
        <cfloginuser NAME="#cflogin.name#" PASSWORD =
"#cflogin.password#"
               ROLES="#loginQuery.AccessLevel#">
  <CFLOCK SCOPE="SESSION" TIMEOUT="100" TYPE="EXCLUSIVE">
    <cfif loginQuery.AccessLevel eq "ADMIN">
<cfset session.Agency_No = "ADMIN">
<cfset session.GroupLevel = "ADMIN">
  <CFELSEIF loginQuery.AccessLevel eq "IOC">
<cfset session.Agency_No = "IOC">
<CFSET session.GroupLevel = "IOC">
  <CFELSEIF loginQuery.AccessLevel eq "AGY">
<cfset session.agency_No = cfLogin.Name>
<cfset session.groupLevel = form.Agency>
  <CFELSE>
<cfset session.agency_No = loginQuery.AccessLevel>
  </cfif>
</CFLOCK>
     <cfelse>
        <H2>Your login information is not valid.<br>
               Please Try again</H2>
        <cfinclude TEMPLATE="login.cfm">
         <cfabort>
      </cfif>
    </cfif>   
</cflogin>

Sincerely,

Andrew
Webmaster
Illinois Comptroller's Office
www.IllinoisComptroller.com
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]

Reply via email to