The intention is that authentication would stop if any user directory returned a failure, with the result that the user would see the error message returned. That feedback link doesn't work if FarCry ignores authentication errors. If it's something you need for your project you can simply extend security.cfc in your project and change that behaviour.
Blair On Tue, Oct 30, 2012 at 12:47 PM, AJ Mercer <[email protected]> wrote: > With authenticate() in > /farcry/core/packages/security/security.cfc > > I can not figure out how this is meant to work > It will break out of the loop on a fail > > <cfloop list="#udlist#" index="ud"> > <!--- Authenticate user ---> > <cfset stResult = > this.userdirectories[ud].authenticate(argumentCollection="#arguments#") /> > <cfif structkeyexists(stResult,"authenticated")> > <!--- *This allows your userdirectory check multiple user directories and > pass back the successfull one.* ---> > <cfparam name="stResult.UD" default="#ud#" /> > <cfif not stResult.authenticated> > <farcry:logevent type="security" event="loginfailed" > userid="#stResult.userid#_#stResult.UD#" notes="#stResult.message#" /> > *<cfbreak />* > </cfif> > <!--- SUCCESS - log in user ---> > <cfset login(userid=stResult.userid,ud=stResult.UD) /> > <!--- Return 'success' ---> > <cfbreak /> > </cfif> > </cfloop> > > I think it should look like this > > <cfloop list="#udlist#" index="ud"> > <!--- Authenticate user ---> > <cfset stResult = > this.userdirectories[ud].authenticate(argumentCollection="#arguments#") /> > <cfif structkeyexists(stResult,"authenticated")> > <!--- This allows your userdirectory check multiple user directories and > pass back the successfull one. ---> > <cfparam name="stResult.UD" default="#ud#" /> > <cfif not stResult.authenticated> > <farcry:logevent type="security" event="loginfailed" > userid="#stResult.userid#_#stResult.UD#" notes="#stResult.message#" /> > *<cfelse>* > <!--- SUCCESS - log in user ---> > <cfset login(userid=stResult.userid,ud=stResult.UD) /> > <!--- Return 'success' ---> > <cfbreak /> > </cfif> > </cfif> > </cfloop> > > Instructions for UD implementations > <!--- This function should return a struct in the form: > .AUTHENTICATED = false > .MESSAGE = "" > OTHER VALUES CAN BE ADDED FOR USE BY CUSTOM LOGIN FORMS > OR > .AUTHENTICATED = true > .USERID = "" (This ID only needs to be unique for this user directory) > OR > EMPTY (If no form submission was detected) > ---> > -- > > *AJ Mercer* > <webonix:net strength="Industrial" /> <http://webonix.net> | <webonix:org > community="Open" /> <http://webonix.org> > http://twitter.com/webonix > Railo Community Manager<http://www.getrailo.org/index.cfm/community/team/> > > -- > You received this message cos you are subscribed to "farcry-dev" Google > group. > To post, email: [email protected] > To unsubscribe, email: [email protected] > For more options: http://groups.google.com/group/farcry-dev > -------------------------------- > Follow us on Twitter: http://twitter.com/farcry > > > -- You received this message cos you are subscribed to "farcry-dev" Google group. To post, email: [email protected] To unsubscribe, email: [email protected] For more options: http://groups.google.com/group/farcry-dev -------------------------------- Follow us on Twitter: http://twitter.com/farcry
