cocoon-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Pascal Davoust" <>
Subject [Action] Best practices for authentication
Date Wed, 13 Feb 2002 19:28:16 GMT
Hi all,

I've been experimenting with Cocoon 2.0.1 (and before that with Cocoon 1,
but didn't do much with it because of the lack of features more than
available in C2 now, mainly actions).
And now I'm wondering about the 'protected' sample in the distro.

Basically, having a page protected by authentication involves an action
(DatabaseAuthenitcatorAction, in this case) to check that authentication was
successful before serving the resource (understand: page), or redirect to
login if authentication failed.
The pattern for this is basically:

  <map:match pattern="matching-pattern">
    <map:act type="session-validator">
      <!-- The protected (needing authentication) content -->
  <map:redirect-to uri="login"/>

And if I correctly understand, it means that I've got to specify that schema
for *every* match I want to protect, right? Seems a bit of overhead to me
(may increase the maintenance cost for the sitemap)...

Is there a "smarter" way of doing this? Quite frankly, that's the only one I
see (I came to that conclusion myself *before* seing the protected
sample)... but you guys have zillion times more experience than me with this
topic! :)

By the way, C2 rocks! :)



Do You Yahoo!?
Get your free address at

Please check that your question has not already been answered in the
FAQ before posting. <>

To unsubscribe, e-mail: <>
For additional commands, e-mail: <>

View raw message