<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2900.2627" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2>Hi all,</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>I am trying to set up a security system on an
application where different users will have the rights to see different
components. By default a user will be set as a Guest account and stored in a
subclass of WASession. When they try to view a secured component it should check
if they have permission. If they do the component is shown, if they do not a
login dialog is shown. If they login successfully their new user is stored in
the session and the component retries the check for permissions.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>I have tried to implement this by defining a
WASecuredComponent class which is a subclass of WAComponent. This has the
following methods</FONT></DIV>
<DIV><FONT face=Arial size=2>renderContentOn: html</FONT></DIV>
<DIV><FONT face=Arial size=2> self
checkPermission.</FONT></DIV>
<DIV><FONT face=Arial size=2>checkPermission</FONT><FONT face=Arial
size=2> </FONT></DIV>
<DIV><FONT face=Arial size=2> (self session user
checkPermissionTo: self ) ifFalse: [self requestLogin. self
checkPermission.]</FONT></DIV>
<DIV><FONT face=Arial size=2>requestLogin </FONT></DIV>
<DIV><FONT face=Arial size=2> (self call: WALogin new)
ifFalse: [self requestLogin].</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Classes to be secured extend WASecuredComponent and
have to start renderContentOn with</FONT></DIV>
<DIV><FONT face=Arial size=2>super renderContentOn: html.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>WALogin extends WALoginDialog and
contains</FONT></DIV>
<DIV><FONT face=Arial size=2>login </FONT></DIV>
<DIV><FONT face=Arial size=2> | user |</FONT></DIV>
<DIV><FONT face=Arial size=2> user := WAUser verifyPassword:
password forUser: username.<BR> (user userId > 0)
ifTrue: [ self session user: user.].<BR> self answer:
(user userId > 0).</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>At first it all seems to work OK. I get the login
dialog if I don't have permission to view the component. Entering an invalid
password or one without permission on the component leads to the login dialog
showing again. Entering a correct password leads to the secured component
showing. However if I try to do something with the secured component, such as
post a form on it, I get the "Components not found while processing callbacks:
#(a TAG.WA</FONT><FONT face=Arial size=2>Form)" error. I know this error usually
means a problem with a children method, but I can't see how that could be the
case in this situation, particularly since my application has successfully shown
the login form and the secured component already. I have tried to debug,
and it seems that the secured component is still delegated to the login form,
despite the fact that the secured component has just been visible.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Am I going about this in the wrong way, or is there
a mistake in my implementation?</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>I don't think the User, Session and other classes
are relevant to this problem - let me know if their definitions would help. If
it makes a difference I am using VW 7.3</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Many thanks</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>James Bridger</FONT></DIV></BODY></HTML>