Hi Adam,
You are perfectly right. However, I'm in dire need of a Ajax style login.
Do you have any clue on how to go about implementing the sytem?
Adam Tistler wrote:
>
> Even if you use AJAX, the page will still refresh because the AuthCookie
> module's authentication method redirect's you back to the login page so
> that the session cookie can be checked. You might be able to get around
> that by overloading the authentication method using a subrequest instead
> of a redirect, although I am not entirely sure that will work.
>
You say something about overloading the authentication method? Does that
mean I've to overload the "login" method? Is that a standard way?
It would help me a lot if you can tell me how to send an XML back if in
case the login fails. What I mean is the following.
sub authen_cred {
# this is the first time user is logging in
my $allow = check_user_credentials(...);
if $allow {
# generate cookie that is checked subsequently my auth_sess_cookie
...
} else {
# return a XML with http status set to HTTP_FORBIDDEN
...
}
}
Is that understandable? How do I implement the else part? If I simply say
something like...
HTTP_FORBIDDEN unless check_user_credentials(...)
I see that the browser simply displays "404" on the screen. I thought that
this implies that I can break the authen_cred -> auth_sess_key flow, if in
case I can return an XML and further using AJAX, can display a error message
when login fails. Let me know, if there is something that I'm overlooking
currently! Finally, what about the method 'custom_errors'; would that help?
--
View this message in context:
http://www.nabble.com/asynchronous-perl-authentication%21--tf3860218.html#a11009508
Sent from the mod_perl - General mailing list archive at Nabble.com.
