<br><font size=2 face="sans-serif">------------------------------------------------------------------------------</font>
<br><font size=2 face="sans-serif">Leonard A. Jaffe (614)213-4283</font>
<br><font size=2 face="sans-serif">JP Morgan Chase, Columbus, OH
</font>
<br><font size=2 face="sans-serif">DSS Monitoring Instrumentation Services</font>
<br><font size=2 face="sans-serif">leonard.a.jaffe@jpmchase.com</font>
<br>
<br>
<br>
<br><font size=2 face="sans-serif">Bernhard Graf wrote:</font>
<br><font size=2 face="sans-serif">> In a Cat application I use C:P::Authentication::Store::DBIC
and it works </font>
<br><font size=2 face="sans-serif">> well.</font>
<br><font size=2 face="sans-serif">> </font>
<br><font size=2 face="sans-serif">> But now I need to modify authentication
a little bit:</font>
<br><font size=2 face="sans-serif">> A status field of the user object
should also be checked, e.g. grant </font>
<br><font size=2 face="sans-serif">> access only if status is set to
"active".</font>
<br><font size=2 face="sans-serif">> </font>
<br><font size=2 face="sans-serif">> Documentation of the module mentions
a configuration field named </font>
<br><font size=2 face="sans-serif">> "catalyst_user_class":</font>
<br><font size=2 face="sans-serif">> </font>
<br><font size=2 face="sans-serif">> <cite></font>
<br><font size=2 face="sans-serif">> If using a plain model class which
has username and password fields is </font>
<br><font size=2 face="sans-serif">> not working for you, because you
have more complex objects, or you need </font>
<br><font size=2 face="sans-serif">> to do something else odd to fetch
those values or your role fields, you </font>
<br><font size=2 face="sans-serif">> can subclass Catalyst::Plugin::Authentication::Store::DBIC::User,
and </font>
<br><font size=2 face="sans-serif">> supply your class name here.</font>
<br><font size=2 face="sans-serif">> </cite></font>
<br><font size=2 face="sans-serif">> </font>
<br><font size=2 face="sans-serif">> Is that the way I have to go? If
so an example would be helpful, because </font>
<br><font size=2 face="sans-serif">> documentation for C:P::Authentication::Store::DBIC::User
is a little </font>
<br><font size=2 face="sans-serif">> sparse. ;-)</font>
<br>
<br>
<br><font size=2 face="sans-serif">What you need to do is subclass C::P::A::Credential,
and override the </font>
<br><font size=2 face="sans-serif">login() method.</font>
<br>
<br><font size=2 face="sans-serif">The login method is where the username
and password are checked, so </font>
<br><font size=2 face="sans-serif">you probably want to do something
like the following (probably borrowing</font>
<br><font size=2 face="sans-serif">the password check form C::P::Authentication::CDBI):</font>
<br>
<br><font size=2 face="sans-serif">sub login {</font>
<br><font size=2 face="sans-serif"> my ( $c, $user, $password, @rest
) = @_;</font>
<br>
<br><font size=2 face="sans-serif"> unless ($user) {</font>
<br><font size=2 face="sans-serif"> $c->log->error("Can't
login a user without a user object or user ID");</font>
<br><font size=2 face="sans-serif"> return;</font>
<br><font size=2 face="sans-serif"> }</font>
<br>
<br><font size=2 face="sans-serif"> unless ( Scalar::Util::blessed($user)
and </font>
<br><font size=2 face="sans-serif">
$user->isa("Catalyst::Plugin::Authentication::User")
) {</font>
<br><font size=2 face="sans-serif"> if ( my $user_obj = $c->get_user(
$user ) ) {</font>
<br><font size=2 face="sans-serif"> $user = $user_obj;</font>
<br><font size=2 face="sans-serif"> } else {</font>
<br><font size=2 face="sans-serif"> $c->log->error("User
'$user' doesn't exist in the default store");</font>
<br><font size=2 face="sans-serif"> return;</font>
<br><font size=2 face="sans-serif"> }</font>
<br><font size=2 face="sans-serif"> }</font>
<br>
<br><font size=2 face="sans-serif"> # check the password...</font>
<br><font size=2 face="sans-serif"> unless (some_password_check &&
$user->status eq 'Acitve') {</font>
<br><font size=2 face="sans-serif"> # some error message:
"I'm sorry Dave, I can't do that."</font>
<br><font size=2 face="sans-serif"> }</font>
<br>
<br><font size=2 face="sans-serif"> </font>
<br><font size=2 face="sans-serif"> $c->set_authenticated($user);</font>
<br><font size=2 face="sans-serif"> $c->log->debug("Successfully
authenticated user " . $user->id) if $c->debug;</font>
<br><font size=2 face="sans-serif"> return 1;</font>
<br><font size=2 face="sans-serif">}</font>
<br>
<br>
<br><font size=2 face="sans-serif">Len.</font>
<HTML><BODY><P><hr size=1></P><br>
<P><br>
This transmission may contain information that is privileged,<br>
confidential, legally privileged, and/or exempt from disclosure<br>
under applicable law. If you are not the intended recipient, you<br>
are hereby notified that any disclosure, copying, distribution, or<br>
use of the information contained herein (including any reliance<br>
thereon) is STRICTLY PROHIBITED. Although this transmission and<br>
any attachments are believed to be free of any virus or other<br>
defect that might affect any computer system into which it is<br>
received and opened, it is the responsibility of the recipient to<br>
ensure that it is virus free and no responsibility is accepted by<br>
JPMorgan Chase & Co., its subsidiaries and affiliates, as<br>
applicable, for any loss or damage arising in any way from its use.<br>
If you received this transmission in error, please immediately<br>
contact the sender and destroy the material in its entirety,<br>
whether in electronic or hard copy format. Thank you.<br>
</P></BODY></HTML>