Difference: TWikiClientDotPm (2 vs. 3)

Revision 32007-01-16 - TWikiContributor

Line: 5 to 5
  On it's own, an object of this class is used when you specify 'none' in the security setup section of
Changed:
<
<
configure. When it is used,
>
>
configure. When it is used,
 logins are not supported. If you want to authenticate users then you should consider TemplateLogin? or ApacheLogin? , which are subclasses of this class.
Line: 18 to 18
 let the perl optimiser optimise out the trace function as a no-op if tracing is disabled.
Added:
>
>
Here's an overview of how it works:

Early in TWiki::new, the login manager is created. The creation of the login manager does two things:

  1. If sessions are in use, it loads CGI::Session but doesn't initialise the session yet.
  2. Creates the login manager object
Slightly later in TWiki::new, loginManager->loadSession is called.
  1. Calls loginManager->getUser to get the username before the session is created
    • TWiki::Client::ApacheLogin looks at REMOTE_USER
    • TWiki::Client::TemplateLogin just returns undef
  2. reads the TWIKISID cookie to get the SID (or the TWIKISID parameters in the CGI query if cookies aren't available, or IP2SID? mapping if that's enabled).
  3. Creates the CGI::Session object, and the session is thereby read.
  4. If the username still isn't known, reads it from the cookie. Thus TWiki::Client::ApacheLogin overrides the cookie using REMOTE_USER, and TWiki::Client::TemplateLogin always uses the session.

Later again in TWiki::new, plugins are given a chance to override the username found from the loginManager.

The last step in TWiki::new is to find the user, using whatever user mapping manager is in place.

 

ObjectData? twiki

Added:
>
>
 The TWiki object this login manager is attached to.
Line: 24 to 42
 
Changed:
<
<

StaticMethod makeClient ($twiki) -> $TWiki::Client

>
>

StaticMethod makeLoginManager ($twiki) -> $TWiki::Client

 Factory method, used to generate a new TWiki::Client object for the given session.

Changed:
<
<

ObjectMethod loadSession ()

>
>

ObjectMethod loadSession ($defaultUser) -> $login

  Get the client session data, using the cookie and/or the request URL. Set up appropriate session variables in the twiki object and return the login name.
Added:
>
>
$defaultUser is a username to use if one is not available from other sources. The username passed when you create a TWiki instance is passed in here.
 

ObjectMethod checkAccess ()

Line: 51 to 76
 

StaticMethod expireDeadSessions ()

Changed:
<
<
Delete sessions that are sitting around but are really expired.
>
>
Delete sessions and passthrough files that are sitting around but are really expired.
 This assumes that the sessions are stored as files.

This is a static method, but requires TWiki::cfg. It is designed to be

Line: 92 to 120
 

ObjectMethod redirectCgiQuery ($url)

Added:
>
>
 Generate an HTTP redirect on STDOUT, if you can. Return 1 if you did.
Deleted:
<
<
Don't forget to pass all query parameters through.
 
  • $url - target of the redirection.
Line: 114 to 145
 
Changed:
<
<

ObjectMethod clearSessionValue ($name)

>
>

ObjectMethod clearSessionValue ($name) -> $boolean

 Clear the value of a session variable. We do not allow setting of AUTHUSER.
 
This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback
Note: Please contribute updates to this topic on TWiki.org at TWiki:TWiki.TWikiClientDotPm