Re: Authentication "lost" in flowscript [SOLVED]

[Oscar Picasso <os...@yahoo.com>]

Just solved after my previous posting.

Actually, as I didn't use cookies, nor url encoding for my password form
action, the user session got 'lost' on diplaying the form.

I wrongfully assumed, that while I was using continuations I didn't need to
keep track of the user session.


--- Oscar Picasso <os...@yahoo.com> wrote:

> I have a problem when combining the authentication framework with flowscript.
> Here is the relevant code.
> 
> <map:match pattern="">
>   <map:act type="auth-loggedIn"> 
>     <map:parameter name="handler" value="managehandler"/>
>     <map:act type="auth-protect">
>       <map:parameter name="handler" value="managehandler"/>
>       <map:generate
> src="cocoon:/{session-context:authentication/authentication/ID}"/>
>       <map:serialize type="xhtml"/>
>     </map:act>
>   </map:act>
>   <map:redirect-to uri="login"/>
> </map:match>
> ...
> 
> function login(form) {
> 
>   var model = form.getModel();
>   var email = cocoon.parameters["email"];
>   var handler = cocoon.parameters["handler"];
>   print("email: " + email);
>   print("handler: " + handler);
> 
>   if(email != null && email != "")
>   {
>     model.email = email;
>   }
> 
>   form.showForm("login/form/display");
> 
>   cocoon.request.setAttribute("email", model.email);
>   cocoon.request.setAttribute("password", model.password);
> 
>   var authenticated = auth_login(handler, null, {})
> 
>   if(authenticated)
>   {
>     print("authenticated");
>     cocoon.sendPage("/"); [1]
>   }
>   else
>   {
>     print("not authenticated");
>     cocoon.sendPage("/authentication-failure");
>   }
> }
> 
> [1] Actually send the page relevant to the actual authenticated user (when
> the
> user is authenticated the pipeline actually generate
> "cocoon:/{session-context:authentication/authentication/ID}")
> This part works great.
> 
> Now, from inside the "user page", I have a link that points to the "password"
> pipeline.
> 
> <map:match pattern="password">
>     <map:act type="auth-protect">  <!-- give access to the context -->
>       <map:parameter name="handler" value="managehandler"/>
>       <map:call function="handleForm">
>         <map:parameter name="function" value="password"/>
>         <map:parameter name="form-definition" value="cocoon:/password-form"/>
>       </map:call>
>     </map:act>
> </map:match>
> ...
> 
> function password(form) {
>   form.showForm("password/form/display");
>   cocoon.sendPage("/"); [2]
> }
> 
> The form is properly displayed when the user is authenticated.
> 
> I have also printed the context info from inside the password function and it
> properly prints all the authentication user info. However on submitting the
> password form, the cocoon.sendPage("/") [2] sends an empty page to the
> browser.
> 
> I have also tried to send others protected pages from the password function
> and
> it redisplays the initial login just like if the user authentication were
> lost.
> 
> Any idea?
> 
> NOTE: the password pipeline is actually supposed to do something more useful.
> I
> made it simpler just to try to understand what's going on.
> 
> 
> 		
> _______________________________
> Do you Yahoo!?
> Declare Yourself - Register online to vote today!
> http://vote.yahoo.com
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
> For additional commands, e-mail: users-help@cocoon.apache.org
> 
> 


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org