sessionStart interceptor point

Communities ColdBox HMVC
1

I am writing my first custom interceptor today handle Active Directory Authentication. When the session starts I want to setup 2 variables.

public void function sessionStart(){
sessionStorage.setVar(‘isLoggedIn’,false);
sessionStorage.setVar(‘username’,getAuthUser());
}

Now that works fine but is there anyway to manually call sessionStart during development? The way I found to do it is by creating a a onSessionStart() method in my Main handler and announcing the event. Is this a good way to do this?

public void function onSessionStart(event){
announceInterception(“sessionStart”);
}

and then i have to fire off an onSessionStart() in the onRequest to get that to run…

2

You got it, or, you could delete your cookies and CF should trigger a new session.

3

So this is what I don’t get… I shouldn’t need to announce this at all. If you look at the onSessionStart method in coldbox.system.ColdBox this interceptor is already announced for us.

//Execute Session Start interceptors
cbController.getInterceptorService().processState(“sessionStart”,session);

//Execute Session Start Handler
if ( len(cbController.getSetting(“SessionStartHandler”)) ){
cbController.runEvent(event=cbController.getSetting(“SessionStartHandler”),prePostExempt=true);
}

I set my sessionTimeout to 1 minute

this.sessionTimeout = createTimeSpan(0,0,1,0);

and put a dump in my sessionStart method of my Authentication Interceptor

public void function sessionStart(){
sessionStorage.setVar(‘isLoggedIn’,false);
writeDump(session);
abort;
}

This never runs but if I blow away the session cookies (cfid+cftoken) it works fine?

4

You should only need to announce it if your testing your code without really starting a new session.

Are you saying, when you “really” start a new session (using a new browser, or deleting cookies) your interception point is firing as expected, or, not?

5

Yes… but when a session times out onSessionStart should fire again…

6

onSessionEnd should fore when a session times out. When the session starts again, onSessionStart should fire.

Right?