Robert,
Sorry about that last email. I hit send by mistake:-).
The way I've done it is to have a "doCheckLogin" broadcast that fires
on every MG event request.
The "checkUserLogin" function tests to see if there is an active
login state, next whether there are any formfields being posted from
the login page, processes those if necessary, and then adds one of
the following results to the event depending on the auth state:
If the user is logged in:
<cfset arguments.event.addResult("isLoggedIn")>
If the user is not logged in:
<cfset arguments.event.addResult("notLoggedIn")>
One of those two results is present on every request and I can modify
the authorization check in one place.
Then I can test for the value in my MG xml and redirect to the
apropriate page or just override the "body" value of the viewstate
with something like this:
<!-- Give them a message saying they need to be logged in and
override the body in the viewcollection -->
<result name="notLoggedIn" do="needLogin"/>
or
<!-- Send them to the login page -->
<result name="notLoggedIn" do="login" redirect="true"/>
HTH,
Jon
On Apr 10, 2007, at 10:56 AM, Robert Rawlins - Think Blue wrote:
> Hey Chaps,
>
>
>
> I've been working on my security system this past week, and I've
> pretty much
> got a working model for the application, but I've got a couple of
> little
> features I'd like to try and achieve, one of which is redirecting a
> user
> after login, to the page they were trying to access in the first
> place. I'm
> running model glue unity, so I'll give you a brief rundown of how the
> application currently authenticates a user.
>
>
>
> For any event that i want the user to be logged in for i simply put
> out a
> broadcast, and listen for a result, this is all configured in the
> XML like
> so:
>
>
>
> <event-handler name="testLogin">
>
> <broadcasts>
>
> <message name="NeedAuthentication" />
>
> </broadcasts>
>
> <views>
>
> <include name="body" template="dspWhy.cfm" />
>
> </views>
>
> <results>
>
> <result name="NotAuthenticated" do="Login"
> redirect="true" />
>
> </results>
>
> </event-handler>
>
>
>
> As you can see the event broadcasts asking for the user to be
> authenticated,
> my security controller will then check the Boolean in the user
> session bean
> to see if they have logged into the site for this session, if it
> returns
> 'false' then the controller sets a result of 'NotAuthenticated' and
> the user
> is posted to the Login event.
>
>
>
> My user can then enter their username and password into the login
> form, and
> this posts to another method called 'doLogin' which checks their
> credentials
> against the database, if they match then it sets the session user bean
> Boolean value to 'true' so they won't be prompted in future. If
> they do NOT
> match then the controller sets a result of 'NotVefied' and my
> doLogin event
> has a listener for that, and posts them back to the login form with
> an error
> message.
>
>
>
> Now presumably I need my controller to post a result called
> 'Verified' if
> the login is successful and the result can then direct the user to
> the page
> they were trying to access before realizing they were not logged
> in. How do
> I make that 'do' event dynamic though?
>
>
>
> I've probably made a real hash of that explanation guys, but hopefully
> someone will have a couple of ideas to toss into the pot.
>
>
>
> Thanks,
>
>
>
> Rob
>
>
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Create robust enterprise, web RIAs.
Upgrade & integrate Adobe Coldfusion MX7 with Flex 2
http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:274949
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
