(RADIATOR) PostAuthSelectHook conditional execution

Toomas Kärner tomkar at estpak.ee
Fri Jan 6 04:44:26 CST 2006


Hi Hugh

I'm using MySql, so the stored procedures are out.
Let me explain where and how I wanted to use it (I have found already
a workaround, so it's not a problem for me, I just let you know).
I'm using several AuthBy SQL's that all do AuthSelect. First ones
"authenticate" the connection from where the user is coming from. It
also adds connection specific (not user specific) attributes to the
request. Second AuthBy SQL authenticates the user and it also uses the
attributes that were added by the first AuthBy for authentication.
Now imagine if first or second AuthBy AuthSelect gets "Empty Set" from
database then I always get the same: "AuthBy SQL result: REJECT, No
such user". This is confusing for HD since they don't know if the user
made a typo in username or the connection that he/she tried to access
is not in the database.
I was hoping to use a PostAuthSelectHook to detect Empty Set as a
result for AuthSelect and depending on the real use of AuthBy, modify
Reject reason accordingly ("Connection not found" if it was a connecton
lookup AuthSelect and "Username not found" if it was username lookup
AuthSelect).
Workaround that I made set's up a flag if AuthSelect got something.
Every AuthSelect has their own flag and in PostAuthHook I can detect
which AuthSelect failed by detecting which flag is missing.
Flag is set like this:
AuthSelect select .....(your old set of attributes...., "1" from ...
AuthColumnDef ....(your old def's)
.
.
AuthColumnDef n+1, MyConnFoundFlag, request

And in PostAuthHook I use the flags like this:
my $myconnfoundflag = $p->get_attr('MyConnFoundFlag');
my $mymessage;
    if (${$_[2]} == $main::REJECT  )  {
        &main::log($main::LOG_DEBUG,"Request has been rejected, search for reason.");
        $_=${$_[3]};
        if(/No such user/) {
            if(!($MyConnFoundFlag)){
                $mymessage='Connection not found in database';
            }
        if ($mymessage) {
            ${$_[3]}=$mymessage;
            &main::log($main::LOG_DEBUG,"Found reason: \"$mymessage\" for reject.");
        }
    }

Rgds.
Toomas


Friday, January 6, 2006, 9:35:16 AM, you wrote:

> Hello Toomas -

> The PostAuthSelectHook is meant to process the results of the  
> AuthSelect.

> If you always want to run a hook you can use a PostAuthHook or a  
> PostProcessingHook.

> I generally find that it is much more useful to call a stored  
> procedure in the database if I want to do something complex.

> regards

> Hugh


> On 6 Jan 2006, at 17:12, Toomas Kärner wrote:

>> Hi,
>> I have found out that PostAuthSelectHook will NOT be executed if
>> AuthSelect query returns "Empty set". Is it supposed to be so?
>> I think this hook could be more powerful if it would be executed
>> always.
>> Rgds.
>> Toomas
>>
>>
>> --
>> Archive at http://www.open.com.au/archives/radiator/
>> Announcements on radiator-announce at open.com.au
>> To unsubscribe, email 'majordomo at open.com.au' with
>> 'unsubscribe radiator' in the body of the message.


> NB:

> Have you read the reference manual ("doc/ref.html")?
> Have you searched the mailing list archive (www.open.com.au/archives/ 
> radiator)?
> Have you had a quick look on Google (www.google.com)?
> Have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?



--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list