Okay. I got the cookies to work. Here's the code that I used in tcl/ad-security.tcl:
ad_proc ad_user_login {
{ -forever f }
db user_id
} { Logs the user in, forever (via the user_login cookie) if -forever is true. }
{
global ad_sec_user_id
set ad_sec_user_id $user_id
set user_id_for_update [ad_decode $user_id 0 "null" $user_id]
sec_generate_session_id_cookie
ns_db dml $db "
update sec_sessions
set user_id = $user_id_for_update
where session_id = [ad_get_session_id]
"
util_memoize_flush "sec_get_session_info [ad_get_session_id]"
if { $user_id == 0 } {
ad_set_cookie -replace t -max_age 0 ad_session_id ""
ad_set_cookie -replace t -max_age 0 ad_secure_token ""
ad_set_cookie -replace t -max_age 0 ad_user_login ""
ad_set_cookie -replace t -max_age 0 ad_user_login_secure ""
}
if { $forever == "t" && $user_id != 0 } {
set password [database_to_tcl_string $db "select password from users where user_id = $user_id"]
if { [ad_secure_conn_p] } {
ad_set_cookie -expires never -secure f
"ad_user_login" "$user_id,[sec_hexify $password]"
ad_set_cookie -expires never -secure t
"ad_user_login_secure" "$user_id,[sec_hexify $password]"
} else {
ad_set_cookie -expires never -secure f
"ad_user_login" "$user_id,[sec_hexify $password]"
}
#if { [ad_secure_conn_p] } {
# set secure "t"
#} else {
# set secure "f"
#}
#set password [database_to_tcl_string $db "select password from users wh
ere user_id = $user_id"]
#ad_set_cookie -expires never -secure $secure
# "ad_user_login" "$user_id,[sec_hexify $password]"
}
}
Then you need to change the www/register/logout.tcl line to:
ns_returnredirect "/cookie-chain.tcl?cookie_name=[ns_urlencode ad_user_login]&cookie_value=expired&expire_state=e&final_page=[ns_urlencode /]"
My only concern is that the password is "hexafied" into the cookie. In the ACS 4.x, [ns_time] is used instead of a hexified password.