Re: Login and Session
Re: Login and Session
- Subject: Re: Login and Session
- From: David LeBer <email@hidden>
- Date: Thu, 4 Mar 2004 07:58:07 -0500
I usually wrap my components with a SecureWrapper that checks the
session, showing the component content if isLoggedIn is true, and the
login form if not.
For security to the page I usually punt and put the entire thing behind
ssl.
On 4-Mar-04, at 5:52 AM, Simon Ganiere wrote:
Second question of the day ;)
This one is about the session. I have a login form (mail and
password), in the session i made a query to test of the mail and
password match someone in the db, if it's the case a put a boolean
true and with a combinaison of WOConditional in WebObjects Builder I
can make feature only available to login customer.
My question is about the security of that stuff. Do I need to check
on every component if the user is login (so do i need to put on every
component a WOCOnditional to check if the user is log) or not ? To
make this login form i use the example of the
SophisticatedDatabaseExample in the /Developer/Examples/JavaWebObject
is this the best and secure way to do a login form ?
thanks in advance for the answer ;)
Bye Simon
-------------------------
Simon Ganiere
http://www.simonganiere.ch
Switzerland
_______________________________________________
webobjects-dev mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/webobjects-dev
Do not post admin requests to the list. They will be ignored.
;david
--
David LeBer
Codebase Software Systems
site: http://www.codebase.ca
blog: http://david.codebase.ca
_______________________________________________
webobjects-dev mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/webobjects-dev
Do not post admin requests to the list. They will be ignored.