It now seems to work. Thanks for that.
The checkAuthentication() method needs to be passed a redirector. I don't think you can get hold of one of them in the flow. I have therefore changed it so that the checkAuthentication method works if the redirector is null, and added a getForwardingURI to the DefaultAuthenticationManager which the flow checkAuthentication method can use to get the redirection URI, and then call cocoon.redirectTo on it.
The FOM needs modifying to allow session aware redirects. Do we need a vote?
I've now just got to do some tidying up, and I'll commit a working version.
Thanks for your help.
Regards, Upayavira
Carsten Ziegeler wrote:
Upayavira wrote:
I have committed a partly working auth-fw/flow sample. I think it is basically there, but I am gettting stuck with:
SessionManager.streamContextFragment: Context 'authentication' not found.
I've never used the session manager (nor sessions for that matter), so I'm a bit out of my depth. Could one of you take a look and see if you can see how to make it work?
[The one thing I can spot is that cocoon.redirectTo(uri) in FOM_Cocoon sets the 'session' value to false, so there appears to be no way to do a session aware redirect from flow].
I haven't looked at your code/sample yet, but I can try to explain some parts: after a successful authentication, the authentication context is stored in the session; so if you have a redirect (or a link) that does not preserve the session than the user is not authenticated any more and that could lead to the message from above.
In addition, to get information from the authentication context, you have usually to tell the authentication framework which handler to use. This is done by the auth-protect action. As long as this action hasn't been activated in the current request, the context is not available. You need a similar thing in flow as well.
Perhaps I have time to look at your example over the weekend.
Carsten
