Hell Jon. Thanks for that, no worries about the other mail, I do it all the time ;-)
It sounds as if our setup is almost identical, I too have a function that checks the state of the user and then posts a result dependant upon that, if they are not logged in, then I use the: <result name="notLoggedIn" do="login" redirect="true"/> Now, the problem arises once they're on the login form, they fill in their information and hit the 'login' button, which then posts the form information to an event called 'doLogin' which takes the form values and checks them in a query against the database, if a match is found, the user is logged in. What I'm struggling to achieve those is that IF they successfully login, then to post them to the page they were trying to access. So if a user goes to event=articles and they are not logged in, they get passed to event=login where they input the correct information, it'll log them in, and pass them back to event=articles, which they will now be able to see. Thanks again, Rob -----Original Message----- From: Jon Clausen [mailto:[EMAIL PROTECTED] Sent: 10 April 2007 16:40 To: CF-Talk Subject: Re: Direct User after Login Robert, Sorry about that last email. I hit send by mistake:-). The way I've done it is to have a "doCheckLogin" broadcast that fires on every MG event request. The "checkUserLogin" function tests to see if there is an active login state, next whether there are any formfields being posted from the login page, processes those if necessary, and then adds one of the following results to the event depending on the auth state: If the user is logged in: <cfset arguments.event.addResult("isLoggedIn")> If the user is not logged in: <cfset arguments.event.addResult("notLoggedIn")> One of those two results is present on every request and I can modify the authorization check in one place. Then I can test for the value in my MG xml and redirect to the apropriate page or just override the "body" value of the viewstate with something like this: <!-- Give them a message saying they need to be logged in and override the body in the viewcollection --> <result name="notLoggedIn" do="needLogin"/> or <!-- Send them to the login page --> <result name="notLoggedIn" do="login" redirect="true"/> HTH, Jon On Apr 10, 2007, at 10:56 AM, Robert Rawlins - Think Blue wrote: > Hey Chaps, > > > > I've been working on my security system this past week, and I've > pretty much > got a working model for the application, but I've got a couple of > little > features I'd like to try and achieve, one of which is redirecting a > user > after login, to the page they were trying to access in the first > place. I'm > running model glue unity, so I'll give you a brief rundown of how the > application currently authenticates a user. > > > > For any event that i want the user to be logged in for i simply put > out a > broadcast, and listen for a result, this is all configured in the > XML like > so: > > > > <event-handler name="testLogin"> > > <broadcasts> > > <message name="NeedAuthentication" /> > > </broadcasts> > > <views> > > <include name="body" template="dspWhy.cfm" /> > > </views> > > <results> > > <result name="NotAuthenticated" do="Login" > redirect="true" /> > > </results> > > </event-handler> > > > > As you can see the event broadcasts asking for the user to be > authenticated, > my security controller will then check the Boolean in the user > session bean > to see if they have logged into the site for this session, if it > returns > 'false' then the controller sets a result of 'NotAuthenticated' and > the user > is posted to the Login event. > > > > My user can then enter their username and password into the login > form, and > this posts to another method called 'doLogin' which checks their > credentials > against the database, if they match then it sets the session user bean > Boolean value to 'true' so they won't be prompted in future. If > they do NOT > match then the controller sets a result of 'NotVefied' and my > doLogin event > has a listener for that, and posts them back to the login form with > an error > message. > > > > Now presumably I need my controller to post a result called > 'Verified' if > the login is successful and the result can then direct the user to > the page > they were trying to access before realizing they were not logged > in. How do > I make that 'do' event dynamic though? > > > > I've probably made a real hash of that explanation guys, but hopefully > someone will have a couple of ideas to toss into the pot. > > > > Thanks, > > > > Rob > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| ColdFusion MX7 by AdobeĀ® Dyncamically transform webcontent into Adobe PDF with new ColdFusion MX7. Free Trial. http://www.adobe.com/products/coldfusion?sdid=RVJV Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:274950 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
