My issue is not so much with the code mechanics, but a) why is
cflogin acting unpredictably and b) is GetAuthUser an acceptable
alternative to using cflogin. Your experience suggests that b) is
a viable route, so unless I hear otherwise elsewhere, that's the
way I'll go. Thanks for your help.
Dave Jones
NetEffect
At 11:56 AM 12/30/03 +1100, you wrote:
>Ok without knowing how your code is setup and how you authenticate your
>users here is what I do in pseudo code.
>
>1) Are we a valid user, do a check to pass the credentials and validate that
>the user is able to be authenticated.
>2) If user is authenticated <cfloginuser name="Andrew Scott"
>password="TestMeOut" roles="Admin,Public">, this will set the user to be
>authenticated.
>
>
>3) Not authenticated then use cflogin to set the user to null, cfloginuser
>name="" password="" roles="">
>
>
>I usually do this in application.cfm and keeps the user logged in this way,
>it also helps control if the user has timed there session out as well.
>
>
>I never user cflogin, only loginuser and GetAuthUser.
>
>
>Now when I do a test I do this
>
>
><cfif GetAuthUser neq "">
>We are not logged in so display public information
><cfelse>
> switch _expression_="roles"
> case Admin:
> Display Admin stuff
> break;
> case Publisher
> Display Content publisher stuff
> break;
></cfif>
>
>
>The above method works for me 100%, I also use client variables to hold the
>username and password (encrypted) to hit the DB each time.
>
>
>I would need to see the code you have to say what your trouble is.
>
>Regards
>Andrew Scott
>Technical Consultant
>
>NuSphere Pty Ltd
>Level 2/33 Bank Street
>South Melbourne, Victoria, 3205
>
>Phone: 03 9686 0485 - Fax: 03 9699 7976
>
> _____
>
>From: Dave Jones [mailto:[EMAIL PROTECTED]
>Sent: Tuesday, 30 December 2003 12:00 PM
>To: CF-Talk
>Subject: RE: cflogin vs. GetAuthUser
>
>Andrew,
>Thanks for the response, but it really doesn't answer my
>question. In my situation, I have a case where GetAuthUser
>returns the logged-in user, but cflogin still executes. This
>seems contradictory to me. If a logged-in user exists, why is
>cflogin executing? Am I not understanding something about cflogin
>and/or GetAuthUser?
>
>And if cflogin cannot be reliably used to identify the absence of
>a logged-in user, is the test <cfif Len(GetAuthUser()) eq 0> a
>safe alternative?
>
>Dave Jones
>NetEffect
>
>At 10:43 AM 12/30/03 +1100, you wrote:
> >cfloginuser logs the user in, for example
> >
> >
> ><cfloginuser name="Andrew Scott" password="TestMeOut" roles="Admin,Public">
> >
> >
> >Logs the user Andrew Scott with the roles of admin and public, if you were
> >to use getAuthUser after this call it would return Andrew Scott, however
>the
> >following is also correct
> >
> >
> ><cfloginuser name="" password="" roles="">
> >
> >
> >In this case the name that getAuthUser will return an empty string.
> >
> >
> >Does this clear it up a little better.
> >
> >Regards
> >Andrew Scott
> >Technical Consultant
> >
> >NuSphere Pty Ltd
> >Level 2/33 Bank Street
> >South Melbourne, Victoria, 3205
> >
> >Phone: 03 9686 0485 - Fax: 03 9699 7976
> >
> >----------
> >[
> _____
>
>----------
>[
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
