[opencms-dev] how do i do a log user? (v5)

Tue Jan 25 16:35:48 CET 2005

Hey Lars-

The authentication code will only work correctly on a dynamic site; if you're using static export for the site, the JSP's are actually HTML, and won't fire.

Let me know if that's not the solution- you may want to put some system.outs into the code and see what it actually thinks the user's ID is.

Tim

-----Original Message-----
From: Lars Martin [mailto:larsn at smb-tec.com] 
Sent: Tuesday, January 25, 2005 5:00 AM
To: The OpenCms mailing list
Subject: Re: RE: [opencms-dev] how do i do a log user?

-----Ursprüngliche Nachricht-----
Von: Tim Howland <thowland at organic.com>
Gesendet am: 21. Jan 2005, 16:15:01

> Hey Simone-
> 
> Here's my authentication routine:
> 
> <%@ page import="java.util.*" %>
> <%@ page import="com.opencms.file.*" %> <%@ page 
> import="com.opencms.flex.jsp.*" %> <%@ page 
> import="com.opencms.core.*" %>
> 
> 
> <%
> CmsJspActionElement cmsJsp = new CmsJspActionElement(pageContext, 
> request, response); String myFolder = 
> cmsJsp.info("opencms.request.folder");
> CmsObject cms = cmsJsp.getCmsObject(); String userid = 
> request.getParameter("user"); String passwd = 
> request.getParameter("passwd"); try {
> 	cms.loginUser(userid,passwd);
> 	out.println("User logged in<br>");
> 	response.sendRedirect(cmsJsp.link("/secure/index.jsp"));
> }
> 
> catch (CmsException e) {
> 	response.sendRedirect("login.jsp");
> }
> %>
> 
> openCMS keeps the user's login state in it's session, so you don't 
> have to muck around with it.
> 
> Every page on your site needs to check that the user is valid (put 
> this into the page template):
> 
> <%
> CmsJspActionElement cmsJsp = new CmsJspActionElement(pageContext, 
> request, response); if (cmsJsp.user("name").equals("Guest")) {
>      response.sendRedirect(cmsJsp.link("/login.jsp"));
> }
> %>

Hi Tim.

If have created a secure.jsp template containing the check for the current user like above. All html pages in directory secure/ use this secure.jsp template. If one opens a secured page without logging in the login page should be opened via response.sendRedirect(). But in my environment all users can open all secured pages - the redirect() call doesn't seem to work. :o( Do you have any hints? Thanks, Lars ______________________________________________________________________
Lars Martin                             mailto:Lars.Martin at smb-tec.com
SMB GmbH                                        http://www.smb-tec.com
D-04347 Leipzig                                    Rohrteichstrasse 18
Tel: +49-(0)341-699 46 04                    Fax: +49-(0)341-699 47 04
Produkt-Manager Business Server BS1          Produkt-Manager CADDA.NET

_______________________________________________
This mail is send to you from the opencms-dev mailing list To change your list options, or to unsubscribe from the list, please visit http://mail.opencms.org/mailman/listinfo/opencms-dev