simple login
191 views
Skip to first unread message
Dave Hill
Mar 17, 2011, 12:44:52 PM3/17/11
to framew...@googlegroups.com
Hi,
I am never good at writing security for apps and I am having a lot of difficulty doing this in FW/1.
Can anyone give me tips on how to send users to login page when they access my subsystem and then return them to the main admin page?
sorry if this seems like a stupid request, but no examples out there are helping me.
Dave
Matt Quackenbush
Mar 17, 2011, 1:02:09 PM3/17/11
to framew...@googlegroups.com
Have you looked at the samples?
https://github.com/seancorfield/fw1/tree/master/examples/userManagerAccessControl
Also, there are a number of threads that cover this topic in various detail. :-)
https://github.com/seancorfield/fw1/tree/master/examples/userManagerAccessControl
Also, there are a number of threads that cover this topic in various detail. :-)
--
FW/1 on RIAForge: http://fw1.riaforge.org/
FW/1 on github: http://github.com/seancorfield/fw1
FW/1 on Google Groups: http://groups.google.com/group/framework-one
Matt Quackenbush
Mar 17, 2011, 1:03:41 PM3/17/11
to framew...@googlegroups.com
If you are struggling with something specific with the samples, or your code, be sure to post all of the relevant information. We would love to help you, but we need more info in order to be able to do that. :-)
dhilluk
Mar 17, 2011, 1:04:52 PM3/17/11
to framework-one
Thanks for taking the time to reply, but I have looked at the threads
and the example is unhelpful to me.
Dave
On Mar 17, 5:02 pm, Matt Quackenbush <quackfu...@gmail.com> wrote:
> Have you looked at the samples?
>
> https://github.com/seancorfield/fw1/tree/master/examples/userManagerA...
and the example is unhelpful to me.
Dave
On Mar 17, 5:02 pm, Matt Quackenbush <quackfu...@gmail.com> wrote:
> Have you looked at the samples?
>
>
> Also, there are a number of threads that cover this topic in various
> detail. :-)
>
> Also, there are a number of threads that cover this topic in various
> detail. :-)
>
dhilluk
Mar 17, 2011, 1:16:50 PM3/17/11
to framework-one
I struggling with the concept, so have no code to show as yet. The
example uses an object factory and other stuff I don't use so my
ability to read and understand it is clouded. The most basic help on
how to add a simple login that checks a database and authenticates
would be useful to me; Where do I initially set my session.isLoggedIN
variable, where do I redirect to the login form and how do I
authenticate and send user to the admin index?
Cheers Dave
On Mar 17, 5:03 pm, Matt Quackenbush <quackfu...@gmail.com> wrote:
> If you are struggling with something specific with the samples, or your
> code, be sure to post all of the relevant information. We would love to
> help you, but we need more info in order to be able to do that. :-)
>
example uses an object factory and other stuff I don't use so my
ability to read and understand it is clouded. The most basic help on
how to add a simple login that checks a database and authenticates
would be useful to me; Where do I initially set my session.isLoggedIN
variable, where do I redirect to the login form and how do I
authenticate and send user to the admin index?
Cheers Dave
On Mar 17, 5:03 pm, Matt Quackenbush <quackfu...@gmail.com> wrote:
> If you are struggling with something specific with the samples, or your
> code, be sure to post all of the relevant information. We would love to
> help you, but we need more info in order to be able to do that. :-)
>
> On Thu, Mar 17, 2011 at 12:02 PM, Matt Quackenbush <quackfu...@gmail.com>wrote:
>
>
>
>
>
>
>
> > Have you looked at the samples?
>
> >https://github.com/seancorfield/fw1/tree/master/examples/userManagerA...
>
>
>
>
>
>
>
> > Have you looked at the samples?
>
>
> > Also, there are a number of threads that cover this topic in various
> > detail. :-)
>
> > Also, there are a number of threads that cover this topic in various
> > detail. :-)
>
Eapen
Mar 17, 2011, 1:37:03 PM3/17/11
to framew...@googlegroups.com
Do a search in this forum for securityController and I am pretty sure
you will find some helpful tips on how to implement authentication.
you will find some helpful tips on how to implement authentication.
Dave Anderson
Mar 17, 2011, 4:14:54 PM3/17/11
to framew...@googlegroups.com
What kind of reply are you hoping to get next?
I'm not being snotty or sarcastic -- I'm just curious. It seems like you have some very basic questions, and this forum is a great place to go for answers to those, but they're somewhat vague, which can make it hard to get the response you're looking for.
If I'm reading you right, it sounds like you're asking how to build an application. If that's something you already know how to do, and are simply having issues using FW/1 to do it, then you're in the right place, and you just need to be more specific. If you simply don't know how to approach session management (or app dev) with CF, then this might not be the best source for answers to those questions.
Having said that, it sounds like the examples you've looked at are confusing for you. Is it because you're not accustomed to bean factories specifically, or OOP in general? Most of the people who are liable to reply to your questions in this group are going to give you tips and suggestions that involve an OO approach.
Here are a few specific suggestions in response to your questions:
Make a User bean that contains a 'role' property. (I actually use an array of roles, so users can be in 0-to-many roles.) In your app's setupSession() function, create an instance of that User bean and store it in the session scope.
If you have a subsystem called 'admin' that only users in an admin role should be able to access, then make a controller in that subsystem that all its other controllers extend. put a 'before' function in that controller, and use that before() function to check for the user's membership in the 'admin' role. If they don't have the role, redirect them to a login form in another subsystem.
Assuming your login form submits to home:login.submit, for example, you'd have the submit() function in your login service check the credentials and, if successful, set the User object's role. In your login controller's endSubmit() function, you could relocate the user to the admin:home.index (or whatever) action if the user is a member of the admin role.
Best of luck,
Dave
I'm not being snotty or sarcastic -- I'm just curious. It seems like you have some very basic questions, and this forum is a great place to go for answers to those, but they're somewhat vague, which can make it hard to get the response you're looking for.
If I'm reading you right, it sounds like you're asking how to build an application. If that's something you already know how to do, and are simply having issues using FW/1 to do it, then you're in the right place, and you just need to be more specific. If you simply don't know how to approach session management (or app dev) with CF, then this might not be the best source for answers to those questions.
Having said that, it sounds like the examples you've looked at are confusing for you. Is it because you're not accustomed to bean factories specifically, or OOP in general? Most of the people who are liable to reply to your questions in this group are going to give you tips and suggestions that involve an OO approach.
Here are a few specific suggestions in response to your questions:
Make a User bean that contains a 'role' property. (I actually use an array of roles, so users can be in 0-to-many roles.) In your app's setupSession() function, create an instance of that User bean and store it in the session scope.
If you have a subsystem called 'admin' that only users in an admin role should be able to access, then make a controller in that subsystem that all its other controllers extend. put a 'before' function in that controller, and use that before() function to check for the user's membership in the 'admin' role. If they don't have the role, redirect them to a login form in another subsystem.
Assuming your login form submits to home:login.submit, for example, you'd have the submit() function in your login service check the credentials and, if successful, set the User object's role. In your login controller's endSubmit() function, you could relocate the user to the admin:home.index (or whatever) action if the user is a member of the admin role.
Best of luck,
Dave
Dave Hill
Mar 17, 2011, 4:25:35 PM3/17/11
to framew...@googlegroups.com
I was having difficulty seeing the solution in the examples. I am just starting out developing apps outside of work and we use an MVC/OO framework the team leader created and the user login is a legacy one squeezed uncomfortabley in there.
I was rushing myself through the excitement of what I was achieving with FW/1 and wasn't able to ask the questions I wanted answers to.
A few guys on twitter helped me out and I have managed to use the example of access control to achieve my goal.
This really is a fantastic framework.
Dave
Reply all
Reply to author
Forward
0 new messages