[Seaside] How can I access the authenticated user of a request?

Ian Prince ian at inextenso.com
Tue Oct 28 11:29:12 CET 2003


Thanks for the quick reply, Avi.

I think there might be some confusion - I actually have 
authentification working (I have written a subclass of 
WAControllerSession with method authenticateUser:password).

Where I am stuck is how to find out (access) the username on post 
basic-authentification requests.

In Zope/DTML this would be (from memory) <dtml-var 
"REQUEST['AUTHENTICATED_USER']"> which returns a user object.

Thanks,

Ian.

On Mardi, oct 28, 2003, at 11:02 Europe/Zurich, Avi Bryant wrote:

> Ian Prince wrote:
>
>> For a small application I am building for a client (FWIW: a 
>> directory/file browser with access control based on the 
>> user/password), I need to access the "authenticated user" part of a 
>> request.
>>
>> WARequest>>user seems to be what I want but how do I access the 
>> request?
>
> Rather than accessing the request directly, I would use 
> WASession>>basicAuthentication:do: .  This takes two blocks:
>
> - the first is a two parameter block, which will get passed a username 
> and password.  You need to return true or false, depending on whether 
> authentication succeeds.  You can also take this opportunity to store 
> the username.
>
> - the second is a zero parameter block.  It is the scope within which 
> authentication is used - any pages that are shown while evaluating 
> that block will require authentication.
>
> So, you might have a front page with a login link that invokes a 
> method like this:
>
> login
>  self session
>    basicAuthentication: [:user :pass | self authenticateUser: user 
> password: pass]
>    do: [self call: (AuthenticatedPage new)]
>
> _______________________________________________
> Seaside mailing list
> Seaside at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/listinfo/seaside
>



More information about the Seaside mailing list