You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cocoon.apache.org by Yves Vindevogel <yv...@implements.be> on 2003/04/01 00:20:44 UTC
Re: Managing users' permissions through the sitemap
Hi Amelie,
I do a similar thing, and I use an XSP with some scripting in it.
Here's the XSP
It's not through the sitemap, but maybe this helps you.
Yves
<?xml version="1.0" encoding="ISO-8859-1"?>
<xsp:page language="java"
xmlns:xsp="http://apache.org/xsp"
xmlns:esql="http://apache.org/cocoon/SQL/v2"
xmlns:xsp-request="http://apache.org/xsp/request/2.0"
xmlns:xsp-session="http://apache.org/xsp/session/2.0"
create-session="true">
<html>
<esql:connection>
<esql:pool>pierrefabre</esql:pool>
<esql:execute-query>
<esql:query>
select * from tblLogin
where name = '<xsp-request:get-parameter
name="username"/>'
and password = '<xsp-request:get-parameter
name="password"/>' ;
</esql:query>
<esql:results>
<xsp-session:set-attribute name="user">admin</xsp-session:set-attribute>
<body onload="window.location = './../frames.html'"></body>
</esql:results>
<esql:no-results>
<head>
<link rel="stylesheet" type="text/css"
href="./../css/pierrefabre.css"/>
<title>Pierre Fabre Médicament</title>
<meta http-equiv="Content-Type"
content="text/html; charset=ISO-8859-1"/>
<meta http-equiv="pragma" content="no-cache"/>
</head>
<body class="homepage" onload="window.alert ('Username or password not
correct') ; window.location = './../admin/password.html'">
</body>
</esql:no-results>
</esql:execute-query>
</esql:connection>
</html>
</xsp:page>
> Hi everybody,
>
> I have a problem, maybe simple, but I don't know how to deal with.
> I'm sure some of you have enough skills an experience to help me :)
>
> In my database, I've got a table managing the users' permissions.
> There's a global menu (for all the users).
> To know if an user is allowed to open a link from this menu, I need the
> user identifier (given by a session attribute) and an other identifier
> (like a request parameter which comes along with the link for example)
> Then, I want to check in my DB and :
> - if it's ok, open the link
> - if not, diplay an error message
>
> I guess I need to manage this on the sitemap level but I don't know what
> to use.
>
> Currently, I'm using an Authentication action which allows an logged user
> to access to the whole site but, as you can see, I want to be more
> restrictive for some sections of the site.
>
> Any idea would be welcome, thx in advance !
>
> Amelie
--
Met vriendelijke groeten,
Kind regards,
Bien à vous,
Yves Vindevogel
Implements
Kempische Steenweg 206 -- 3500 Hasselt -- Belgium
Phone/Fax: +32 (11) 43.55.76 -- Mobile: +32 (478) 80.82.91
Mail: yves.vindevogel@implements.be -- www.implements.be
Quote: The winner never says participating is more important than winning.
---------------------------------------------------------------------
To unsubscribe, e-mail: cocoon-users-unsubscribe@xml.apache.org
For additional commands, e-mail: cocoon-users-help@xml.apache.org