You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cocoon.apache.org by Adam Ratcliffe <ad...@mrigitech.com> on 2004/12/17 02:45:36 UTC
Session lost on authentication
I've got a problem with the user session being lost after successful with
authentication via a custom Java authenticator.
In my authenticator class I create a user bean and put it in the user's
session like this:
SessionManager sm = (SessionManager)
manager.lookup(org.apache.cocoon.webapps.session.SessionManager.ROLE);
Session s = sm.getSession(true);
s.setAttribute("user", user);
manager.release(sm);
When the authenticator returns control to its handler, the user is
redirected to the redirect uri declared for the auth-login action
(see below) and this invokes a pipline with the this snippet:
<jx:if test="${!empty(cocoon.session.user)}"> ...
This test fails because no session exists.
Can anyone enlighten me as to what's happening here?
Cheers
Adam
<authentication-manager>
<handlers>
<handler name="defaultHandler">
<redirect-to uri="cocoon://login"/>
<authentication
authenticator="com.geosmart.security.authentication.DefaultAuthenticator"/>
</handler>
</handlers>
</authentication-manager>
<map:match pattern="do-login">
<map:act type="auth-login">
<map:parameter name="handler" value="defaultHandler"/>
<map:parameter name="parameter_username"
value="{request-param:username}"/>
<map:parameter name="parameter_password"
value="{request-param:password}"/>
<map:redirect-to uri="{request-param:redirectUri}"
session="true"/>
</map:act>
<map:redirect-to uri="cocoon:/login"/>
</map:match>
RE: Session lost on authentication [SOLVED]
Posted by Adam Ratcliffe <ad...@mrigitech.com>.
The problem was all mine. I was trying to access the FOM object in a jx
template when the pipeline it belonged to was not being called from
flowscript, hence
the object was not in context.
Cheers
Adam
-----Original Message-----
From: Adam Ratcliffe [mailto:adam@mrigitech.com]
Sent: Friday, 17 December 2004 2:46 p.m.
To: users@cocoon.apache.org
Subject: Session lost on authentication
I've got a problem with the user session being lost after successful with
authentication via a custom Java authenticator.
In my authenticator class I create a user bean and put it in the user's
session like this:
SessionManager sm = (SessionManager)
manager.lookup(org.apache.cocoon.webapps.session.SessionManager.ROLE);
Session s = sm.getSession(true);
s.setAttribute("user", user);
manager.release(sm);
When the authenticator returns control to its handler, the user is
redirected to the redirect uri declared for the auth-login action
(see below) and this invokes a pipline with the this snippet:
<jx:if test="${!empty(cocoon.session.user)}"> ...
This test fails because no session exists.
Can anyone enlighten me as to what's happening here?
Cheers
Adam
<authentication-manager>
<handlers>
<handler name="defaultHandler">
<redirect-to uri="cocoon://login"/>
<authentication
authenticator="com.geosmart.security.authentication.DefaultAuthenticator"/>
</handler>
</handlers>
</authentication-manager>
<map:match pattern="do-login">
<map:act type="auth-login">
<map:parameter name="handler" value="defaultHandler"/>
<map:parameter name="parameter_username"
value="{request-param:username}"/>
<map:parameter name="parameter_password"
value="{request-param:password}"/>
<map:redirect-to uri="{request-param:redirectUri}"
session="true"/>
</map:act>
<map:redirect-to uri="cocoon:/login"/>
</map:match>