You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cocoon.apache.org by Scott Yeadon <sc...@anu.edu.au> on 2004/07/01 05:35:13 UTC
Authentication and accessing the request object
Hello,
I have set up a basic authetication page using the
authentication-manager and implementing the Authenticator interface with
my own class, which works fine. However I need to pass information back
via the request object within this class but the two parameters for
Authenticator are of type SourceParameters and HandleConfiguration,
neither of which provide me access to the request object nor allow me to
utilise ObjectModelHelper in any way in order to obtain the request
object. Is the only way I can accomplish this not to use the
authentication model but instead break it down into separate actions
which will allow me access to the request? I would rather not do this if
possible. The relevant areas of my sitemap are shown below.
Thanks.
<!-- define some authentication for protected pages -->
<authentication-manager>
<handlers>
<handler name="testauth">
<redirect-to uri="password-login"/>
<authentication authenticator="au.edu.anu.SimpleAuthenticator"/>
</handler>
</handlers>
</authentication-manager>
</map:component-configurations>
<map:pipeline>
<!-- entry to show the login page -->
<map:match pattern="password-login">
<map:call function="handleForm">
<map:parameter name="function" value="passwordLogin"/>
<map:parameter name="form-definition"
value="forms/password-login.xml"/>
</map:call>
</map:match>
<!-- entry to start the authentication process (auth-login action). Note
that the parameter element's name attribute's value MUST start with
"parameter_" according to the doco -->
<map:match
pattern="login">
<map:act type="auth-login">
<map:parameter name="handler" value="testauth"/>
<map:parameter name="parameter_userid"
value="{request-param:userid}"/>
<map:parameter name="parameter_password"
value="{request-param:password}"/>
</map:act>
<!-- authentication failed: -->
<map:redirect-to
uri="http://myInitialScreen"/>
</map:match>
<map:match pattern="logout">
<map:act type="auth-logout">
<map:parameter name="handler" value="testauth"/>
</map:act>
</map:match>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org
Re: Authentication and accessing the request object
Posted by Scott Yeadon <sc...@anu.edu.au>.
That worked fine - Thanks.
I had a follow-on question for this. The following lines of code (within
my authenticator class) did not enable me to obtain the attribute via
Javascript (result was null) - javascript to get result was "var obj =
cocoon.request.getAttribute("myAttr");"
Request request =
ObjectModelHelper.getRequest(ContextHelper.getObjectModel(this.context));
request.setAttribute("myAttr", javaObject);
However the following did work (javascript to get result was "var obj =
cocoon.session.getAttribute("myAttr");"):
Request request =
ObjectModelHelper.getRequest(ContextHelper.getObjectModel(this.context));
Session session = request.getSession();
session.setAttribute("myAttr", javaObject);
Does this mean that somewhere in the authentication framework the
request object (or parts thereof) is possibly being rebuilt rather than
forwarded?
Thanks.
Scott.
Ralph Goers wrote:
> The method recommended to me was to implement Contextualizable. In the
> contextualize method save the context that is passed in. Then use:
>
> Map objModel = ContextHelper.getObjectModel(this.context);
>
> I'm using this in a source factory to get the request object.
>
> Ralph
>
> At 6/30/2004 08:35 PM, you wrote:
>
>> Hello,
>>
>> I have set up a basic authetication page using the
>> authentication-manager and implementing the Authenticator interface
>> with my own class, which works fine. However I need to pass
>> information back via the request object within this class but the two
>> parameters for Authenticator are of type SourceParameters and
>> HandleConfiguration, neither of which provide me access to the
>> request object nor allow me to utilise ObjectModelHelper in any way
>> in order to obtain the request object. Is the only way I can
>> accomplish this not to use the authentication model but instead break
>> it down into separate actions which will allow me access to the
>> request? I would rather not do this if possible. The relevant areas
>> of my sitemap are shown below.
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
> For additional commands, e-mail: users-help@cocoon.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org
Re: Authentication and accessing the request object
Posted by Ralph Goers <Ra...@dslextreme.com>.
The method recommended to me was to implement Contextualizable. In the
contextualize method save the context that is passed in. Then use:
Map objModel = ContextHelper.getObjectModel(this.context);
I'm using this in a source factory to get the request object.
Ralph
At 6/30/2004 08:35 PM, you wrote:
>Hello,
>
>I have set up a basic authetication page using the authentication-manager
>and implementing the Authenticator interface with my own class, which
>works fine. However I need to pass information back via the request object
>within this class but the two parameters for Authenticator are of type
>SourceParameters and HandleConfiguration, neither of which provide me
>access to the request object nor allow me to utilise ObjectModelHelper in
>any way in order to obtain the request object. Is the only way I can
>accomplish this not to use the authentication model but instead break it
>down into separate actions which will allow me access to the request? I
>would rather not do this if possible. The relevant areas of my sitemap are
>shown below.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org