[Seaside] Authorization with third-party sites

Patrick Collison patrick at collison.ie
Fri May 4 11:48:31 UTC 2007


Hi,

In my app, I need to have a third-party site verify a user's
credentials. This involves redirecting them to a login page on the
external site, and then, one the user logs in, the external server
redirects the user back to my server with a request that has an auth
token included (which I can store and use).

My current approach is to use actionUrlForContinuation: to get a
handle on the current continuation (as a URL), and then redirect to
the external server with the path of the URL included as an (encoded)
GET parameter. When the request comes back from the external server, I
can merge the two requests (by taking the one prepared earlier, and
tacking on extra GET params for the auth token, which we now have),
and redirect to _this_ URL, which will hopefully get me back to the
right place, with the right information included.

If it all sounds a little hairy, it is. Am I missing out on a simpler
way to implement all of it?

Cheers,

Patrick


More information about the Seaside mailing list