cocoon-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Pascal Davoust" <davou...@yahoo.com>
Subject RE: [Action] Best practices for authentication
Date Wed, 13 Feb 2002 23:49:00 GMT
Mmh, I probably missed something here... I tried what you proposed, but I
get a compilation error. Here's what I did at first, which works correctly:

<map:pipeline>
  <map:match pattern="account">
    <!-- Makes sure that authentication has been successful -->
    <map:act type="session-validator">
      <map:parameter name="descriptor"
           value="file://config/session-params.xml"/>
      <map:parameter name="validate" value="user/login"/>

      <!-- The protected content for that match -->
    </map:act>
  </map:match>
</map:pipeline>

(login is in another pipeline... does it matter?)

And then I tried to reverse the pattern, like this:

<map:pipeline>
  <!-- Makes sure that authentication has been successful -->
  <map:act type="session-validator">
    <map:parameter name="descriptor"
           value="file://config/session-params.xml"/>
    <map:parameter name="validate" value="user/login"/>

    <map:match pattern="account">
      <!-- The protected content for that match -->
    </map:match>
  </map:act>
</map:pipeline>

And I get an error, which is :
Error compiling sitemap_xmap: Line 901, column 6: Undefined variable: param

I had a look to the source code, it's obviously missing the variable
declaration. Did I forget something here?

By the way, I found that the "context://..." specifier as a parameter value
for the action descriptor doesn't work (did I correctly understand that this
sub-protocol is related to the sitemap?), whereas "file://...." does the
trick (I want to specify a path relative to the sitemap its written into).

Thanks,

			Pascal.

-----Original Message-----
From: Pascal Davoust [mailto:davoustp@yahoo.com]
Sent: Wednesday, February 13, 2002 10:13 PM
To: cocoon-users@xml.apache.org
Subject: RE: [Action] Best practices for authentication


Ok, it was too simple and too obvious for me! That's the way I like problems
to be solved. :)

Thanks!

			Pascal.

-----Original Message-----
From: Vadim Gritsenko [mailto:vadim.gritsenko@verizon.net]
Sent: Wednesday, February 13, 2002 8:37 PM
To: cocoon-users@xml.apache.org
Subject: RE: [Action] Best practices for authentication


> From: Pascal Davoust [mailto:davoustp@yahoo.com]
>
> Hi all,
>
> I've been experimenting with Cocoon 2.0.1 (and before that with Cocoon
1,
> but didn't do much with it because of the lack of features more than
> available in C2 now, mainly actions).
> And now I'm wondering about the 'protected' sample in the distro.
>
> Basically, having a page protected by authentication involves an
action
> (DatabaseAuthenitcatorAction, in this case) to check that
authentication was
> successful before serving the resource (understand: page), or redirect
to
> login if authentication failed.
> The pattern for this is basically:
>
>   <map:match pattern="matching-pattern">
>     <map:act type="session-validator">
>       <!-- The protected (needing authentication) content -->
>     </map:act>
>   <map:redirect-to uri="login"/>
>
> And if I correctly understand, it means that I've got to specify that
schema
> for *every* match I want to protect, right? Seems a bit of overhead to
me
> (may increase the maintenance cost for the sitemap)...
>
> Is there a "smarter" way of doing this? Quite frankly, that's the only
one I
> see (I came to that conclusion myself *before* seing the protected
> sample)... but you guys have zillion times more experience than me
with this
> topic! :)
>

Reverse this, action before match:

 <!-- have "login" before action to avoid loop -->
 <map:match pattern="login">
    ...
 </map:match>

 <map:act type="session-validator">
   <!-- The protected (needing authentication) content -->

   <map:match pattern="matching-pattern1">
      ...
   </map:match>

   <map:match pattern="matching-pattern2">
      ...
   </map:match>

 </map:act>
 <!-- Nothing is unprotected -->
 <map:redirect-to uri="login"/>

(this is supported since 2.0.1)


> By the way, C2 rocks! :)

Thanks!

Vadim



---------------------------------------------------------------------
Please check that your question has not already been answered in the
FAQ before posting. <http://xml.apache.org/cocoon/faqs.html>

To unsubscribe, e-mail: <cocoon-users-unsubscribe@xml.apache.org>
For additional commands, e-mail: <cocoon-users-help@xml.apache.org>


_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com


---------------------------------------------------------------------
Please check that your question has not already been answered in the
FAQ before posting. <http://xml.apache.org/cocoon/faqs.html>

To unsubscribe, e-mail: <cocoon-users-unsubscribe@xml.apache.org>
For additional commands, e-mail: <cocoon-users-help@xml.apache.org>


_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com


---------------------------------------------------------------------
Please check that your question has not already been answered in the
FAQ before posting. <http://xml.apache.org/cocoon/faqs.html>

To unsubscribe, e-mail: <cocoon-users-unsubscribe@xml.apache.org>
For additional commands, e-mail: <cocoon-users-help@xml.apache.org>


Mime
View raw message