You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cocoon.apache.org by Per Kreipke <pe...@onclave.com> on 2002/08/01 18:38:33 UTC
Authenticators call DB (or other) every request?
It looks to me like authenticator Actions query the database, dbxml, or
whatever on every request.
- Is that really necessary once the session has been established? Probably.
- How expensive are people finding it to be?
Per
---------------------------------------------------------------------
Please check that your question has not already been answered in the
FAQ before posting. <http://xml.apache.org/cocoon/faq/index.html>
To unsubscribe, e-mail: <co...@xml.apache.org>
For additional commands, e-mail: <co...@xml.apache.org>
RE: Authenticators call DB (or other) every request?
Posted by Vadim Gritsenko <va...@verizon.net>.
> From: Per Kreipke [mailto:per@onclave.com]
...
>
> As for my other thread, any experience using container managed
security with
> Cocoon?
Declarative security will work without any changes in Cocoon itself; for
programmatic you can do IsUserInRoleAction and protect some parts of
sitemap...
Don't see an issue here.
Vadim
> Per
---------------------------------------------------------------------
Please check that your question has not already been answered in the
FAQ before posting. <http://xml.apache.org/cocoon/faq/index.html>
To unsubscribe, e-mail: <co...@xml.apache.org>
For additional commands, e-mail: <co...@xml.apache.org>
RE: Authenticators call DB (or other) every request?
Posted by Per Kreipke <pe...@onclave.com>.
> > It looks to me like authenticator Actions query the database, dbxml,
> or
> > whatever on every
>
> login
>
> > request.
Ah. You're right below, I see now that the db-authentication is only called
on the login handler....
> > - Is that really necessary once the session has been established?
> Probably.
>
> Of course, you want to verify password.
... but I thought this also, which is why I figured the DB was being queried
every time since any DB changes would need to be reflected immediately.
Of course, the 'protected' sample doesn't even use a password but I figure
you're speaking abstractly.
> PS Are you confusing authenticators with validators? See
> protected/sitemap.xmap.
Yes.
As for my other thread, any experience using container managed security with
Cocoon?
Per
---------------------------------------------------------------------
Please check that your question has not already been answered in the
FAQ before posting. <http://xml.apache.org/cocoon/faq/index.html>
To unsubscribe, e-mail: <co...@xml.apache.org>
For additional commands, e-mail: <co...@xml.apache.org>
RE: Authenticators call DB (or other) every request?
Posted by Vadim Gritsenko <va...@verizon.net>.
> From: Per Kreipke [mailto:per@onclave.com]
>
> It looks to me like authenticator Actions query the database, dbxml,
or
> whatever on every
login
> request.
>
> - Is that really necessary once the session has been established?
Probably.
Of course, you want to verify password.
PS Are you confusing authenticators with validators? See
protected/sitemap.xmap.
Vadim
> - How expensive are people finding it to be?
>
> Per
---------------------------------------------------------------------
Please check that your question has not already been answered in the
FAQ before posting. <http://xml.apache.org/cocoon/faq/index.html>
To unsubscribe, e-mail: <co...@xml.apache.org>
For additional commands, e-mail: <co...@xml.apache.org>