Skip over navigation

Roxen Interactive RXML Help

<ac-cookie-auth/>

Sets a login cookie from form variables.

If the username and password is correct, the <ac-cookie-auth> tag generates a random string using a generator that combines true randomness with pseudo random sequences. The random string is stored in the AC database, and sent to the browser in a cookie. This token is used when authenticating through the AC: Cookie HTTP authentication module. The token is stored in a cookie called RoxenACauth.

In addition to the attributes documented below, the tag also handles some of the attributes handled by <set-cookie>, namely domain, path, secure and httponly.

Unless SSL is used, this method has relatively low security; a token that may be used to get access to a protected resource is sent unencrypted over the network.

<form method="post"> Username: <input type="text" name="username"/> Password: <input type="password" name="password"/> <input type="submit"/> </form> <ac-cookie-auth username_variable="username" password_variable="password"/>

Attributes

username_variable
username_variable=string

Variable name in the form scope to read the username from.

password_variable
password_variable=string

Variable name in the form scope to read the password from.

persistent

If this attribute is present the cookie will be stored in the browser between browser sessions, otherwise the cookie will be removed when the browser session ends.

ok_var
ok_var=name

If authentication was successful the variable with the given name will be set in the form scope.