You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cocoon.apache.org by Adam Flegman <ad...@yahoo.com> on 2003/07/04 02:10:46 UTC
Newbie In Peril
Hello All,
I have recently been delivered to the wonderful world of cocoon. I am very
impressed but what I have seen (and somewhat confused to - so many different
ways to do things). I have been given an almost complete cocoon based web site
to finish in a very short amount of time.
Client Side:
------------
The client side of the web-app is in need of some form on session/login
processing, but its not quite as formal as an offical login....
The client side is avaiable to anyone, anytime (both the general public, and
employees of the company).
The client side of the web site could be accessed at any given page (some
user's will bookmark certain pages)
All the pages in the client side need to know a few things about the user (that
can be calculated from their IP and some info in the database).
Almost every page on the client side will perform some sort of search against
the database. These searches are identical for all users - its just the 'where'
clause that may need some extra conditions based on the type of user (public or
employee).
The Solution???
---------------
Write the code to calculate the usertype once [public|employee]
Perform the calcultion of user details only once.
Ensure that user details have been calculated before the sql code of any page
executes.
Current Position:
------------------
Java code is no problem, and I have used xml and a bit of xslt.
I know the actual java code required to determine the usertype.
I'm guessing the solution will require the usertype details to be carried
around in the session.
I just dont know how to use the power of cocoon to ensure that the usertype
details are calculated before any xsp page is executed.
Any help/hints/tips/references would be greatly appreciated.
Regards,
Adam.
=====
Adam Flegman - Senior Software Engineer
Mobile: (0414) 375 735
Phone: (07) 5547 8530
Facsimile: (07) 5547 8532
Email #1: adam_flegman@yahoo.com
Email #2: planemad@optusnet.com.au
__________________________________
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org
Re: Newbie In Peril
Posted by Nuno Santos <ns...@electroplus.pt>.
That's the spirit!
I'm glad i could help you!
On Mon, 2003-07-07 at 23:01, Adam Flegman wrote:
> Hi Nuno,
>
> I tried to reply a few moments ago but yahoo mail was in an invalid state. I
> just hope you don't get 4-5 thankyou emails from me.
>
> Your solution makes it look so simple. I was thinking it was going to be very
> very hard and complicated to solve. I am only just begging to understand how
> powerful the sitemap is.
>
> I have to finish the client side of the application first before I can look at
> the administrator side of the web site. The administration side will definitely
> need to use the solution you have so generously provided.
>
> Thankyou. Thankyou. Thankyou!
>
> You have saved me so much time and stress. I hope that one day I will know
> enough about cocoon to also be able to give something back to new user's of
> cocoon.
>
>
>
> Ad.
>
> =====
> Adam Flegman - Senior Software Engineer
>
> Mobile: (0414) 375 735
> Phone: (07) 5547 8530
> Facsimile: (07) 5547 8532
> Email #1: adam_flegman@yahoo.com
> Email #2: planemad@optusnet.com.au
>
> __________________________________
> Do you Yahoo!?
> SBC Yahoo! DSL - Now only $29.95 per month!
> http://sbc.yahoo.com
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
> For additional commands, e-mail: users-help@cocoon.apache.org
--
Nuno Santos <ns...@electroplus.pt>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org
Re: Newbie In Peril
Posted by Adam Flegman <ad...@yahoo.com>.
Hi Nuno,
I tried to reply a few moments ago but yahoo mail was in an invalid state. I
just hope you don't get 4-5 thankyou emails from me.
Your solution makes it look so simple. I was thinking it was going to be very
very hard and complicated to solve. I am only just begging to understand how
powerful the sitemap is.
I have to finish the client side of the application first before I can look at
the administrator side of the web site. The administration side will definitely
need to use the solution you have so generously provided.
Thankyou. Thankyou. Thankyou!
You have saved me so much time and stress. I hope that one day I will know
enough about cocoon to also be able to give something back to new user's of
cocoon.
Ad.
=====
Adam Flegman - Senior Software Engineer
Mobile: (0414) 375 735
Phone: (07) 5547 8530
Facsimile: (07) 5547 8532
Email #1: adam_flegman@yahoo.com
Email #2: planemad@optusnet.com.au
__________________________________
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org
Re: Newbie In Peril
Posted by Adam Flegman <ad...@yahoo.com>.
Thanks Nuno,
Wow it looks much simpler than what I thought it would be.
I have to finish the client side of the site first and then get on to the
administator/maintenance side which is definitely going to require this
authorisation mechanism.
Thankyou. Thankyou. Thankyou!
You have saved me a so much time and a lot of stress.
Ad.
=====
Adam Flegman - Senior Software Engineer
Mobile: (0414) 375 735
Phone: (07) 5547 8530
Facsimile: (07) 5547 8532
Email #1: adam_flegman@yahoo.com
Email #2: planemad@optusnet.com.au
__________________________________
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org
Re: Newbie In Peril
Posted by Nuno Santos <ns...@electroplus.pt>.
This is the core Class I use to Authenticated/Authorize:
Place the "auth-fw" in your "WEB-INF\lib"
In the cocoon.xconf place the following snipet:
--START--
<component
class="com.electroplus.components.auth.impl.DefaultAuthenticationManager" logger="core.auth-manager" role="com.electroplus.components.auth.AuthenticationManager">
<anonymous id="anonymous" display-name="Anonymous" pool-name="eplus"/>
<role name="user" class="com.electroplus.components.auth.users.User"/>
<role name="anonymous"
class="com.electroplus.components.auth.users.AnonymousUser"/>
<role name="auth-user"
class="com.electroplus.components.auth.users.AuthenticatedUser"/>
<role name="customer"
class="com.electroplus.components.auth.users.CustomerUser"/>
<role name="resaller"
class="com.electroplus.components.auth.users.ResallerUser"/>
<role name="operator"
class="com.electroplus.components.auth.users.OperatorUser"/>
<role name="administrator"
class="com.electroplus.components.auth.users.AdministratorUser"/>
</component>
--END--
Add the following matcher to your sitemap
<map:matcher logger="sitemap.selector.roles" name="role"
src="com.electroplus.matching.RoleMatcher"/>
Now you can protected your resources with a matcher like
<map:match pattern="*.pdf">
<map:match type="role" pattern="auth-user">
<!-- your resource -->
<map:match>
<map:redirect-to uri="access-error.html"/>
</map:match>
On Mon, 2003-07-07 at 01:10, Adam Flegman wrote:
> Hi Nuno,
>
> This sounds exactly like what I am asking for :-)
>
> I read a few examples about the authentication framework and thought it was
> what I would need.
>
> I would be most grateful for any java code snippets you may have, and even more
> so for the cocoon configuration related code samples that show how you tell
> cocoon to actually protect your resources with the authorisation classes.
>
>
> Many thanks again for taking the time to reply,
>
>
> Adam.
--
Nuno Santos <ns...@electroplus.pt>
Re: Newbie In Peril
Posted by Adam Flegman <ad...@yahoo.com>.
Hi Nuno,
This sounds exactly like what I am asking for :-)
I read a few examples about the authentication framework and thought it was
what I would need.
I would be most grateful for any java code snippets you may have, and even more
so for the cocoon configuration related code samples that show how you tell
cocoon to actually protect your resources with the authorisation classes.
Many thanks again for taking the time to reply,
Adam.
--- Nuno Santos <ns...@electroplus.pt> wrote:
> The problem you're experiencing is similar to a problem i got will ago!
>
> I was using the authentication framework but that wasn't good enough. So
> i just decided to create my own auth framework!
>
> I build up a user class hierarchy like :
>
> +--> Anonymous
> |
> User --+ +--> Customer --> VIP
> | |
> +--> Authenticated --+
> |
> +--> Operator --> Administrator
>
> Matching each role to a java Class/Interface
>
> Then i created a authentication manager ( initialized in the
> cocoon.xconf ) as a component which makes it accessible wherever in
> cocoon.
>
> The manager stores the user state in the session and checks the state to
> see if it matches a given role! if not logged in it just returns an
> Anonymous Object.
>
> the match of a given role is given by the "instanceof" operator which
> allows me to match any give hierarchy!
>
> if you which to use this implementation just reply to this asking for it
> and i'll post in the mailing list!
>
>
> On Fri, 2003-07-04 at 01:10, Adam Flegman wrote:
> > Hello All,
> >
> > I have recently been delivered to the wonderful world of cocoon. I am very
> > impressed but what I have seen (and somewhat confused to - so many
> different
> > ways to do things). I have been given an almost complete cocoon based web
> site
> > to finish in a very short amount of time.
> >
> >
> > Client Side:
> > ------------
> > The client side of the web-app is in need of some form on session/login
> > processing, but its not quite as formal as an offical login....
> >
> > The client side is avaiable to anyone, anytime (both the general public,
> and
> > employees of the company).
> >
> > The client side of the web site could be accessed at any given page (some
> > user's will bookmark certain pages)
> >
> > All the pages in the client side need to know a few things about the user
> (that
> > can be calculated from their IP and some info in the database).
> >
> > Almost every page on the client side will perform some sort of search
> against
> > the database. These searches are identical for all users - its just the
> 'where'
> > clause that may need some extra conditions based on the type of user
> (public or
> > employee).
> >
> >
> > The Solution???
> > ---------------
> > Write the code to calculate the usertype once [public|employee]
> >
> > Perform the calcultion of user details only once.
> >
> > Ensure that user details have been calculated before the sql code of any
> page
> > executes.
> >
> >
> > Current Position:
> > ------------------
> > Java code is no problem, and I have used xml and a bit of xslt.
> >
> > I know the actual java code required to determine the usertype.
> >
> > I'm guessing the solution will require the usertype details to be carried
> > around in the session.
> >
> > I just dont know how to use the power of cocoon to ensure that the usertype
> > details are calculated before any xsp page is executed.
> >
> >
> >
> > Any help/hints/tips/references would be greatly appreciated.
> >
> >
> >
> >
> > Regards,
> >
> >
> > Adam.
> >
> > =====
> > Adam Flegman - Senior Software Engineer
> >
> > Mobile: (0414) 375 735
> > Phone: (07) 5547 8530
> > Facsimile: (07) 5547 8532
> > Email #1: adam_flegman@yahoo.com
> > Email #2: planemad@optusnet.com.au
> >
> > __________________________________
> > Do you Yahoo!?
> > SBC Yahoo! DSL - Now only $29.95 per month!
> > http://sbc.yahoo.com
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
> > For additional commands, e-mail: users-help@cocoon.apache.org
> --
> Nuno Santos <ns...@electroplus.pt>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
> For additional commands, e-mail: users-help@cocoon.apache.org
>
=====
Adam Flegman - Senior Software Engineer
Mobile: (0414) 375 735
Phone: (07) 5547 8530
Facsimile: (07) 5547 8532
Email #1: adam_flegman@yahoo.com
Email #2: planemad@optusnet.com.au
__________________________________
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org
Re: Newbie In Peril
Posted by Nuno Santos <ns...@electroplus.pt>.
The problem you're experiencing is similar to a problem i got will ago!
I was using the authentication framework but that wasn't good enough. So
i just decided to create my own auth framework!
I build up a user class hierarchy like :
+--> Anonymous
|
User --+ +--> Customer --> VIP
| |
+--> Authenticated --+
|
+--> Operator --> Administrator
Matching each role to a java Class/Interface
Then i created a authentication manager ( initialized in the
cocoon.xconf ) as a component which makes it accessible wherever in
cocoon.
The manager stores the user state in the session and checks the state to
see if it matches a given role! if not logged in it just returns an
Anonymous Object.
the match of a given role is given by the "instanceof" operator which
allows me to match any give hierarchy!
if you which to use this implementation just reply to this asking for it
and i'll post in the mailing list!
On Fri, 2003-07-04 at 01:10, Adam Flegman wrote:
> Hello All,
>
> I have recently been delivered to the wonderful world of cocoon. I am very
> impressed but what I have seen (and somewhat confused to - so many different
> ways to do things). I have been given an almost complete cocoon based web site
> to finish in a very short amount of time.
>
>
> Client Side:
> ------------
> The client side of the web-app is in need of some form on session/login
> processing, but its not quite as formal as an offical login....
>
> The client side is avaiable to anyone, anytime (both the general public, and
> employees of the company).
>
> The client side of the web site could be accessed at any given page (some
> user's will bookmark certain pages)
>
> All the pages in the client side need to know a few things about the user (that
> can be calculated from their IP and some info in the database).
>
> Almost every page on the client side will perform some sort of search against
> the database. These searches are identical for all users - its just the 'where'
> clause that may need some extra conditions based on the type of user (public or
> employee).
>
>
> The Solution???
> ---------------
> Write the code to calculate the usertype once [public|employee]
>
> Perform the calcultion of user details only once.
>
> Ensure that user details have been calculated before the sql code of any page
> executes.
>
>
> Current Position:
> ------------------
> Java code is no problem, and I have used xml and a bit of xslt.
>
> I know the actual java code required to determine the usertype.
>
> I'm guessing the solution will require the usertype details to be carried
> around in the session.
>
> I just dont know how to use the power of cocoon to ensure that the usertype
> details are calculated before any xsp page is executed.
>
>
>
> Any help/hints/tips/references would be greatly appreciated.
>
>
>
>
> Regards,
>
>
> Adam.
>
> =====
> Adam Flegman - Senior Software Engineer
>
> Mobile: (0414) 375 735
> Phone: (07) 5547 8530
> Facsimile: (07) 5547 8532
> Email #1: adam_flegman@yahoo.com
> Email #2: planemad@optusnet.com.au
>
> __________________________________
> Do you Yahoo!?
> SBC Yahoo! DSL - Now only $29.95 per month!
> http://sbc.yahoo.com
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
> For additional commands, e-mail: users-help@cocoon.apache.org
--
Nuno Santos <ns...@electroplus.pt>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org