Generally that is what it means. The problem comes up when you want multiple directories to respond to the same form fields. In that case the code would, as you say, need to handle authentication failure differently. The current structure means that the user sees whatever problem the UD reports (e.g. That password was incorrect, There was an error connecting to the Google authentication service, etc). Changing to skipping over failed UDs would probably require only ever returning a predefined generic message (e.g. That username / password was not valid). You can extend security.cfc into your project and change this behaviour - you should experiment to see how each setup works in practice.
On Tue, Oct 30, 2012 at 1:49 PM, AJ Mercer <[email protected]> wrote: > yeah - that is probably the step that gets me every time > > When I read this, I think it means no username or password passed in > >> EMPTY (If no form submission was detected) > > > > On 30 October 2012 10:41, Blair McKenzie <[email protected]> wrote: > >> The return struct should only contain authorised if it attempted (and >> then succeeded or failed) to authorise the user. If there was nothing to >> report the UD should be returning an empty struct. >> >> >> On Tue, Oct 30, 2012 at 1:35 PM, AJ Mercer <[email protected]> wrote: >> >>> I dont understand how farcry is supposed to go to the next UD. >>> >>> If all of them 'fail', ie none return authorised=true, then a message >>> should be returned. >>> >>> >>> On 30 October 2012 10:29, Blair McKenzie <[email protected]> wrote: >>> >>>> The intention is that authentication would stop if any user directory >>>> returned a failure, with the result that the user would see the error >>>> message returned. That feedback link doesn't work if FarCry ignores >>>> authentication errors. If it's something you need for your project you can >>>> simply extend security.cfc in your project and change that behaviour. >>>> >>>> Blair >>>> >>>> On Tue, Oct 30, 2012 at 12:47 PM, AJ Mercer <[email protected]> wrote: >>>> >>>>> With authenticate() in >>>>> /farcry/core/packages/security/security.cfc >>>>> >>>>> I can not figure out how this is meant to work >>>>> It will break out of the loop on a fail >>>>> >>>>> <cfloop list="#udlist#" index="ud"> >>>>> <!--- Authenticate user ---> >>>>> <cfset stResult = >>>>> this.userdirectories[ud].authenticate(argumentCollection="#arguments#") /> >>>>> <cfif structkeyexists(stResult,"authenticated")> >>>>> <!--- *This allows your userdirectory check multiple user directories >>>>> and pass back the successfull one.* ---> >>>>> <cfparam name="stResult.UD" default="#ud#" /> >>>>> <cfif not stResult.authenticated> >>>>> <farcry:logevent type="security" event="loginfailed" >>>>> userid="#stResult.userid#_#stResult.UD#" notes="#stResult.message#" /> >>>>> *<cfbreak />* >>>>> </cfif> >>>>> <!--- SUCCESS - log in user ---> >>>>> <cfset login(userid=stResult.userid,ud=stResult.UD) /> >>>>> <!--- Return 'success' ---> >>>>> <cfbreak /> >>>>> </cfif> >>>>> </cfloop> >>>>> >>>>> I think it should look like this >>>>> >>>>> <cfloop list="#udlist#" index="ud"> >>>>> <!--- Authenticate user ---> >>>>> <cfset stResult = >>>>> this.userdirectories[ud].authenticate(argumentCollection="#arguments#") /> >>>>> <cfif structkeyexists(stResult,"authenticated")> >>>>> <!--- This allows your userdirectory check multiple user directories >>>>> and pass back the successfull one. ---> >>>>> <cfparam name="stResult.UD" default="#ud#" /> >>>>> <cfif not stResult.authenticated> >>>>> <farcry:logevent type="security" event="loginfailed" >>>>> userid="#stResult.userid#_#stResult.UD#" notes="#stResult.message#" /> >>>>> *<cfelse>* >>>>> <!--- SUCCESS - log in user ---> >>>>> <cfset login(userid=stResult.userid,ud=stResult.UD) /> >>>>> <!--- Return 'success' ---> >>>>> <cfbreak /> >>>>> </cfif> >>>>> </cfif> >>>>> </cfloop> >>>>> >>>>> Instructions for UD implementations >>>>> <!--- This function should return a struct in the form: >>>>> .AUTHENTICATED = false >>>>> .MESSAGE = "" >>>>> OTHER VALUES CAN BE ADDED FOR USE BY CUSTOM LOGIN FORMS >>>>> OR >>>>> .AUTHENTICATED = true >>>>> .USERID = "" (This ID only needs to be unique for this user directory) >>>>> OR >>>>> EMPTY (If no form submission was detected) >>>>> ---> >>>>> -- >>>>> >>>>> *AJ Mercer* >>>>> <webonix:net strength="Industrial" /> <http://webonix.net> | <webonix:org >>>>> community="Open" /> <http://webonix.org> >>>>> http://twitter.com/webonix >>>>> Railo Community Manager<http://www.getrailo.org/index.cfm/community/team/> >>>>> >>>>> -- >>>>> You received this message cos you are subscribed to "farcry-dev" >>>>> Google group. >>>>> To post, email: [email protected] >>>>> To unsubscribe, email: [email protected] >>>>> For more options: http://groups.google.com/group/farcry-dev >>>>> -------------------------------- >>>>> Follow us on Twitter: http://twitter.com/farcry >>>>> >>>>> >>>>> >>>> >>>> -- >>>> You received this message cos you are subscribed to "farcry-dev" Google >>>> group. >>>> To post, email: [email protected] >>>> To unsubscribe, email: [email protected] >>>> For more options: http://groups.google.com/group/farcry-dev >>>> -------------------------------- >>>> Follow us on Twitter: http://twitter.com/farcry >>>> >>>> >>>> >>> >>> >>> >>> -- >>> >>> *AJ Mercer* >>> <webonix:net strength="Industrial" /> <http://webonix.net> | <webonix:org >>> community="Open" /> <http://webonix.org> >>> http://twitter.com/webonix >>> Railo Community Manager<http://www.getrailo.org/index.cfm/community/team/> >>> >>> -- >>> You received this message cos you are subscribed to "farcry-dev" Google >>> group. >>> To post, email: [email protected] >>> To unsubscribe, email: [email protected] >>> For more options: http://groups.google.com/group/farcry-dev >>> -------------------------------- >>> Follow us on Twitter: http://twitter.com/farcry >>> >>> >>> >> >> -- >> You received this message cos you are subscribed to "farcry-dev" Google >> group. >> To post, email: [email protected] >> To unsubscribe, email: [email protected] >> For more options: http://groups.google.com/group/farcry-dev >> -------------------------------- >> Follow us on Twitter: http://twitter.com/farcry >> >> >> > > > > -- > > *AJ Mercer* > <webonix:net strength="Industrial" /> <http://webonix.net> | <webonix:org > community="Open" /> <http://webonix.org> > http://twitter.com/webonix > Railo Community Manager<http://www.getrailo.org/index.cfm/community/team/> > > -- > You received this message cos you are subscribed to "farcry-dev" Google > group. > To post, email: [email protected] > To unsubscribe, email: [email protected] > For more options: http://groups.google.com/group/farcry-dev > -------------------------------- > Follow us on Twitter: http://twitter.com/farcry > > > -- You received this message cos you are subscribed to "farcry-dev" Google group. To post, email: [email protected] To unsubscribe, email: [email protected] For more options: http://groups.google.com/group/farcry-dev -------------------------------- Follow us on Twitter: http://twitter.com/farcry
