> Also, if I use <cfloginuser> I'm limited to "name",
> "password", and "roles", but the table is going to store more
> information than that, that I'd like access to, like first
> and last name for instance. I'd like to display that on each
> page, but I'm not sure how to get it for each logged in user. Etc..
>
The cflogin framework handles 2 basic things - authentication and
authorization. User data would still need to be handled as it is now.
For example, maybe on login you get info like the user's name and age.
You could then store that into the session scope(*). The 'roles-based
security' system is not concerned with stuff like that - it just handles
the low level stuff like determining if you are logged in and what roles
are you in (if any).
* cflogin is NOT based on sessions. That means your cflogin
authentication could expire and your session vars would still exist.
Therefore, you kind of have to hack around it. This is a typical section
of code from an Application.cfm file using cflogin. I've added comments
to explain what I'm doing. Any XXX implies a string I changed for
privacy reasons. I've put ********** by the lines you really need to
care about.
<cfsetting enableCFOutputOnly = true>
<cfapplication name="XXX" sessionManagement=true>
<!--- Include App variables --->
<cfif not isDefined("application.init")>
<cfinclude template="/intranet/includes/global_vars.cfm">
</cfif>
**************
<!--- Handles logging the user out. Also not how we detect an expired
session. This way if the session expires before the cflogin scope, we
force a logout as well. --->
<cfif isDefined("url.logout") or not isDefined("session.userid")>
<cflogout>
</cfif>
<!--- Include UDF library --->
<cfinclude template="/intranet/includes/udf.cfm">
<cflogin>
<cfset showForm = true>
**************
<!--- Again, the idea here is to keep Session/CFLOGIN in sync.
--->
<cfset structClear(session)>
<cfif isDefined("form.username") and len(trim(form.username))
and
isDefined("form.password") and
len(trim(form.password))>
<cfif
application.user.authenticate(trim(form.username), trim(form.password))>
<cfloginuser name="#trim(form.username)#"
password="#trim(form.password)#"
roles="#application.user.getRoles(trim(form.username),
trim(form.password))#">
**************
<!--- This is an example of how I store user
info in the session scope. --->
<cfset
structAppend(session,application.user.getUserInformation(trim(form.usern
ame), trim(form.password)))>
<cfset showForm = false>
</cfif>
</cfif>
<cfif variables.showForm>
<cfinclude template="/XXXX/wwwroot/login.cfm">
<cfabort>
</cfif>
</cflogin>
=======================================================================
Raymond Camden, ColdFusion Jedi Master for Mindseye, Inc
Member of Team Macromedia
Email : [EMAIL PROTECTED]
Blog : www.camdenfamily.com/morpheus/blog
Yahoo IM : morpheus
"My ally is the Force, and a powerful ally it is." - Yoda
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4
Subscription:
http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
