Hi Safraz,
We implement an authentication check at page-flow level.
When a user attempts to access a protected page, a page-flow action is called, that 'actions' a pipeline utilising a scope-generator processor.
Depending upon the output of the authentication pipeline the page is redirected or not.
Something like this:
<page id="protected-page" path-info="/protected-page/" model="protected-page-model.xpl" view="protected-page-view.xhtml">
<action action="session-authn-check.xpl">
<result when="/passed"/>
<result when="/failed" page="login"/>
</action>
</page>
We implement logout by loading a page that utilises a scope-serializer processor in it's model, that effectively wipes the authenticated value in the session.
HTH,
Tom
safraz wrote
Hi,
I'm planning to develop a wizard application. The user is authenticated before launching the wizard. The user should have an option to log off in each screen.
How can we integrate user session to xsl theme? Or any other alternative way
Regards,
Safraz
Locked
