cocoon-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Martin Rusnak <>
Subject Re: Authentication framework and user bean
Date Fri, 15 Apr 2005 19:22:01 GMT
 > To be a little clearer,
 > function authenticate_user()
 > {
 >     var user = service.authenticateUser(cocoon.request.get("username"), cocoon.request.get("password"));
 >     if(user!=null){cocoon.session.setAttribute("user", user);cocoon.session.setAttribute("loggedIn",
 >     cocoon.sendPage("internal/xml-user", {user : user});
 > }
 > the "internal/xml-user" is what generates teh xml for the auth-fw
 > service is a java class I use to handle all the methods of my own user/role management.

In your code, the login process is implemented in flow script. My approach
is little bit different, I implemented only the authenticator class. For the
rest of authentication frunctionality I use existing auth fw actions in
similar way as it is described in auth fw documentation. The question is,
how can I access the session from my authenticator class in order to store
user bean?

Here are the code snippets of my implementation:

Class MyAuthenticator extends Authenticator and is configured in sitemap:

      <handler name="portalhandler">
        <redirect-to uri="cocoon:/login"/>
        <authentication authenticator="myportal.MyAuthenticator"/>

Java source of MyAuthenticator:

public class MyAuthenticator implements Authenticator, Serviceable {


         public AuthenticationResult authenticate(HandlerConfiguration configuration,
                                                  SourceParameters parameters)
         throws ProcessingException {
                 String userID = parameters.getParameter("userid");
                 String password = parameters.getParameter("password");

                 // Create authentication XML tree
                 Document doc = DOMUtil.createDocument();
                 Element authElement =
                         doc.createElementNS(null, "authentication");

                 if (verifyPasswordInDb(userID, password)) {
                         Element element = doc.createElementNS(null, "ID");

                         return new AuthenticationResult(true, doc);
                 } else {
                         Element element = doc.createElementNS(null, "data");
                         element.appendChild(doc.createTextNode("Bad user name or password."));

                         return new AuthenticationResult(false, doc);



To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message