OnRequestStart - Security Sign on and Request Page Setup together

I have made use of the Application.cfc and the OnRequestStart to require a security signon. I have a new application that uses the OnRequestStart to setup the Request argument for each page processes.

I need to add the security feature but I do not know how to get both to work under OnRequestStart. I tried to copy one with the other and got error saying "missing /cffunction" . I also tried naming one as "OnRequestStart" and the other as "OnRequest"  Result: I either get the secuirty screen working but it will no longer go to the index.cfm page. Or I get to my index.cfm without a needed security signon.

How do I get both to work>>>??????

Here is my code:

<cfcomponent
      output="false"
      hint="Handles the application-level event handlers and application settings.">
      
      
      <!--- Define application settings. --->
           <cfset THIS.Name = "events" />
        <cfset THIS.sessionmanagement="Yes">
        <cfset THIS.clientmanagement="Yes">
        <cfset THIS.setclientcookies="Yes">
        <cfset THIS.loginstorage="session">
        <cfset THIS.sessiontimeout="#createtimespan(0,1,0,0)#">
        <cfset THIS.applicationtimeout="#createtimespan(0,4,0,0)#">

        <cfset REQUEST.Source = "RQITest" />

      <!--- Define page request settings. --->
      <cfsetting
            showdebugoutput="true"
            requesttimeout="20"
            />

      
  <cffunction name="onApplicationStart" returnType="boolean" output="false">
    <!--- When did the application start? --->
    <cfset APPLICATION.appStarted = now()>

    <cfreturn true>
  </cffunction>

  <cffunction name="onApplicationEnd" returnType="void" output="false">
    <cfargument name="appScope" required="true">

    <!--- Log how many minutes the application stayed alive --->
    <cflog file="#THIS.name#" text=
"App ended after #dateDiff('n',ARGUMENTS.appScope.appStarted,now())# minutes.">

  </cffunction>


      <cffunction
            name="OnRequest">
            
                  <!--- If user is not logged in, force them to now --->
      <cfif NOT IsDefined("Session.Auth.IsloggedIn")>
      <!--- If the user is now submitting "login" form, include Login Check" code to validate user --->
                  <cfif IsDefined("Form.UserLogin")>
                              <cfinclude template="home/LoginCheck.cfm">
                  </cfif>
            
            <cfinclude template="home/Login.cfm">
       <cfabort>
      </cfif>
  </cffunction>      
 


<cffunction
            name="OnRequestStart"
            access="public"
            returntype="boolean"
            output="false"
            hint="Fires the initial pre-page processing event.">
            
            <!--- Define arguments. --->
            <cfargument
                  name="Page"
                  type="string"
                  required="true"
                  hint="The ColdFusion script who's execution has been requested."
                  />
            

            <cfset REQUEST.DSN = StructNew() />
            <cfset REQUEST.DSN.Source = "RQITest" />
            <cfreturn true />
      </cffunction>

      
            
</cfcomponent>
mahpogAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

_agx_Commented:
Hi mahpog,

There are at least two ways you could do this

1)  Do everything in the OnRequestStart method and remove the OnRequest method (OR)
2)  Do the security check in OnRequestStart.  

Be aware that when you use the OnRequest method you _must_ explicitly <cfinclude> the requested page yourself.  Otherwise nothing will happen.  ie You will just get a blank screen.

Also, the security check should test the value of Session.Auth.IsloggedIn as well.  If the value is "false" the user should be redirected to the login page.


=====================================
OPTION # 1   (NOTE: There is no OnRequest Method)
=====================================
 
....
<cffunction name="OnRequestStart" access="public" output="false">
	<cfargument name="Page" 
		type="string" 
		required="true"
		hint="The ColdFusion script who's execution has been requested." />
 
	<!--- Check the variable AND its value --->
	<!--- You could also set a default value in OnSessionStart --->
   	<cfif NOT IsDefined("Session.Auth.IsloggedIn") OR NOT Session.Auth.IsloggedIn>
		<cfif IsDefined("Form.UserLogin")>
        	<cfinclude template="home/LoginCheck.cfm" />
		<cfelse>
	       	<cfinclude template="home/Login.cfm" />
        </cfif>
		<cfabort />
	</cfif>
 
	<cfset REQUEST.DSN = StructNew() />
    <cfset REQUEST.DSN.Source = "RQITest" />
</cffunction>
....
 
 
=====================================
OPTION # 2 (Use both OnRequest and OnRequestStart)
=====================================
 
....
<cffunction name="OnRequest" returntype="void" access="public">
	<cfargument name="Page" 
		type="string" 
		required="true"
		hint="The ColdFusion script who's execution has been requested." />
 
	<cfset REQUEST.DSN = StructNew() />
    <cfset REQUEST.DSN.Source = "RQITest" />
	<cfinclude template="#arguments.page#" />
</cffunction>      
 
 
<cffunction name="OnRequestStart" access="public" output="false">
	<cfargument name="Page" 
		type="string" 
		required="true"
		hint="The ColdFusion script who's execution has been requested." />
 
	<!--- Check the variable AND its value --->
	<!--- You could also set a default value in OnSessionStart --->
   	<cfif NOT IsDefined("Session.Auth.IsloggedIn") OR NOT Session.Auth.IsloggedIn>
		<cfif IsDefined("Form.UserLogin")>
        	<cfinclude template="home/LoginCheck.cfm" />
		<cfelse>
	       	<cfinclude template="home/Login.cfm" />
        </cfif>
		<cfabort />
	</cfif>
</cffunction>
....

Open in new window

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
mahpogAuthor Commented:
Both examples worked great. I am happy to see a solution. I have all the Coldfusion Books, and there are no examples of combined situations as mine. Thanks!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Servers

From novice to tech pro — start learning today.