<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
  <meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type" />
  <title>Users and Authentication</title>
  <link href="styles.css" rel="stylesheet" type="text/css" />
</head>
<body>
<h1>Users and Authentication</h1>
<p>One way of discovering the identity of the user sending a request
into your application is to test the identity using methods on the
transaction object. Before this can be made to work, you must set
up authentication for your application, as described in <a
href="securing.html">"Securing a WebStack Application"</a>. Once
authentication is working, every request that arrives in the
application will have the identity of the user attached automatically.</p>
<h2>Uses of User Identity</h2>
<p>Having access to a user's identity can be useful in making decisions
about which operations that user is able to perform within your
application. Moreover, the user identity provided by authentication
mechanisms can tell you more about who that user is, as opposed to
typical session information which, on its own, can only really confirm
that the user in question has visited the application before.</p>
<div class="WebStack">
<h3>WebStack API - User Identity</h3>
<p>Transaction objects have the following methods for inspecting and
redefining the identity of users:</p>
<dl>
  <dt><code>get_user</code></dt>
  <dd>This gets the name of the user attempting to access the
application.</dd>
  <dt><code>set_user</code></dt>
  <dd>This sets the name of the user, thus affecting subsequent calls
to <code>get_user</code>, allowing certain parts of an application to
view users according to other criteria than their basic username - for
example, one might use <code>set_user</code> to redefine each user's
identity in terms of the role that user may have in an application.</dd>
</dl>
</div>
</body>
</html>
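The role-based use of `get_user` and `set_user` described above, as an added example that is not part of the original page or of WebStack itself. `StubTransaction` is a hypothetical stand-in implementing only those two methods, and the user table, the role names and the treatment of an unauthenticated request as `None` are assumptions.

```python
# Added example, not WebStack code. StubTransaction is a hypothetical stand-in
# that implements only get_user/set_user as described on this page.

USER_ROLES = {"alice": "admin", "bob": "editor"}   # constructed sample data
ROLE_OPERATIONS = {
    "admin": frozenset({"view", "edit", "delete"}),
    "editor": frozenset({"view", "edit"}),
    "guest": frozenset({"view"}),
}


class StubTransaction:
    def __init__(self, user=None):
        self._user = user

    def get_user(self):
        return self._user

    def set_user(self, username):
        self._user = username


def apply_role(trans):
    """Entry-point step: swap the authenticated username for a role name.

    Returns the original username, because get_user no longer reports it
    after set_user and an audit log still needs it.
    """
    username = trans.get_user()
    # Assumption: an unauthenticated request has no username (None here).
    # Unknown and missing users both fall back to the least-privileged role.
    trans.set_user(USER_ROLES.get(username, "guest"))
    return username


def may_perform(trans, operation):
    """Downstream check: sees only the role, denies anything not listed."""
    return operation in ROLE_OPERATIONS.get(trans.get_user(), frozenset())


def handle(trans, operation):
    """Map identity to role, decide, and return (allowed, audit_line)."""
    username = apply_role(trans)
    allowed = may_perform(trans, operation)
    audit = "user=%r role=%s op=%s allowed=%s" % (
        username, trans.get_user(), operation, allowed)
    return allowed, audit
```

Call `may_perform` only after `apply_role` has run on the same transaction; before that, `get_user` still returns the raw username, and a username that happens to equal a role name would be read as that role.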