Versions Compared

Old Version 3

changes.mady.by.user user-2c621

Saved on

compared with

New Version 4

changes.mady.by.user user-2c621

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  Begin_Com Role(*EXTENDS #PRIM_SRVM)
  Persist Fields(#SessionUserID #SessionPassword)
 
  SrvRoutine Name(Signin) 
  Field_Map For(*Input) Field(#User) 
  Field_Map For(*Input) Fields(#Password) 
  Field_Map For(*Output) Fields(#io$sts)   

  If (#Com_owner.VerifyUser( #User #Password ))   

  #Com_owner.StartSession Timeout(900) 
  #io$sts := OK   

  * Store Persistent Data     
  #SessionUserID := #User 
  #SessionPassword := #Password   

  Else   

  #io$sts := ER
   
  Endif 
  Endroutine
 
  SrvRoutine Name(DoSomething) Session(Required) 
  Field_Map For(*Input) Field(#User)   

  If (#User = #SessionUser)   
   * process request 
  Endif

  Endroutine
  SrvRoutine Name(SignOut) Session(*required)
 
  #com_owner.EndSession
 
  Endroutine

The Signin routine has an implicit Session(*None) parameter meaning that no session is required to execute the routine. The User ID and Password are passed into the routine and assuming they're valid, are stored in variables that have been defined elsewhere in the source as persistent.

...

All subsequent routines will have Session(*Required). For added security, they may require the User id to be included. This can be compared to the persistent session data.
 
  SrvRoutine Name(DoSomething) Session(*Required) 
  Field_Map For(*Input) Field(#User) 
 
  If (#User = #SessionUser)
   
  Endif

  Endroutine

When a SrvRoutine is executed, the necessary session data is passed to the server and tested to ensure that the timeout hasn't been hit. If it has, the Failed event will be fired in Visual LANSA and the stateful client side can respond accordingly, perhaps showing the sign on screen again.

...