I had the same need. I'm not where my source is but if I recall I use the session transformer within the login pipeline to load the authentication session info into my own session context only on success. Then this info is available to all pipelines (either via the session input module or the session transformer) and I use XSL to add the loginname to the XML if it is available.
I don't know the security implications of this approach; in my case there is no sensitive info in the auth info. I assume it is the same as using sessions in general.
Hope this helps, Steve
I want to implement very simple scheme: if user is not loged in, every page on site contains login form, if user is logged in, there is "hello, $user" message and logout button.
session context "authentication" is only available if pipeline is within auth-protect acition, but not in auth-loggedIn action.
How should I pass auth ID to XSLT stylesheet that forms page?
The only way I've found is to manually encode it in URL and using different map:matches to tell logged access from nonloged.
Is there better way ?
Are there better authentication techniques, other then actions and flowscripts ?
_________________________________________________________________
MSN Life Events gives you the tips and tools to handle the turning points in your life. http://lifeevents.msn.com
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
