Re: Witango-Talk: getting a new userreference

Fri, 14 Mar 2008 17:39:57 -0700

No, that would not be a NEW userreference, rather the same userreference that was passed in by cookie. 

Here's the flow;

userreference cookie 'abc' is passed to taf
        @@user$id and @@user$somedata is known from user reference 'abc'
        assign @@request$id == @@user$id
        purge user scope variables
        get new user refernence 'def'
        assign user$id = @@request$id and user$somedata = user's new data
        setcookie

Now on subsequent requests the cookie 'def' is used

Bill

William M. Conlon, P.E., Ph.D.
To the Point
2330 Bryant Street
Palo Alto, CA 94301
   vox:  650.327.2175 (direct)
   fax:  650.329.8335
mobile:  650.906.9929
e-mail:  mailto:[EMAIL PROTECTED]
   web:  http://www.tothept.com


On Mar 14, 2008, at 5:30 PM, Ben Johansen wrote:


that would be
<@USERREFERENCE>
<@ASSIGN SCOPE="cookie" NAME="Witango_UserReference" VALUE="<@USERREFERENCE>">. 

On Mar 14, 2008, at 5:22 PM, William M Conlon wrote:
I want to tear down a user's session (purging all their variables) and give the user a new session with new user variables and a new userreference.
I'll need to <@ASSIGN SCOPE="cookie" NAME="Witango_UserReference" VALUE="@@request$newUserReference">.
How do I generate @@request$newUserReference on the server so I can set the cookie?
I would like the new UserReference to be generated by the server, rather than by my own home-grown approach, so it isn't subject to replay cracking attempts. For example if I just generated a hash from things I new about the user, someone could conceivably work out the algorithm and generate their own userreference to hijack a session (admittedly unlikely).
I don't want to know how the server generates a new userReference -- I just want to get one. 

thanks.

Bill

William M. Conlon, P.E., Ph.D.
To the Point
2330 Bryant Street
Palo Alto, CA 94301
  vox:  650.327.2175 (direct)
  fax:  650.329.8335
mobile:  650.906.9929
e-mail:  mailto:[EMAIL PROTECTED]
  web:  http://www.tothept.com
_____________________________________________________________________ ___ 
TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
______________________________________________________________________ __ TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf 
________________________________________________________________________
TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf

Reply via email to