You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cocoon.apache.org by Peter Flynn <pf...@ucc.ie> on 2007/01/08 14:44:38 UTC
Aggregate fields
I'd like to be able to present a single form field (HTML <input>) for
the gathering of a user's full name, but be able to split it into
forename and surname. The aggregatefield appears to be designed for
this, but the documentation provides no details on templating it.
<fd:aggregatefield id="organiser" required="true">
<fd:widgets>
<fd:field id="forename" required="true">
<fd:label>Forename</fd:label>
<fd:datatype base="string"/>
</fd:field>
<fd:field id="surname" required="true">
<fd:label>Surname</fd:label>
<fd:datatype base="string"/>
</fd:field>
</fd:widgets>
<fd:split pattern="\([^\ ]*\)\ \([^\ ]*\)">
<fd:map group="1" field="forename"/>
<fd:map group="1" field="surname"/>
</fd:split>
<fd:combine expression="forename surname"/>
</fd:aggregatefield>
However, in the form template, if I say
<tr>
<td><ft:widget-label id="organiser"/></td>
<td><ft:widget id="organiser"/></td>
</tr>
it understandably complains that there is no widget "organiser". What
have I misunderstood?
///Peter
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org
Re: Aggregate fields
Posted by Peter Flynn <pf...@ucc.ie>.
Mark Lundquist wrote:
>
> On Jan 8, 2007, at 5:44 AM, Peter Flynn wrote:
>
>> [..snip] it understandably complains that there is no widget
>> "organiser". What have I misunderstood?
>
> Do this:
>
> <ft:aggregate-widget id="organiser">
> <ft:widget id="forename"/>
> <ft:widget id="surname"/>
> </ft:aggregate-widget>
Thanks very much.
///Peter
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org
Re: Authentication puzzle
Posted by Peter Flynn <pf...@ucc.ie>.
Armaz Mellati wrote:
> May I ask you what version of Cocoon you are using?
2.1.8
> I ask because the documentation you are refering to is somewhat
> outdated if you are using 1.2.10 (may be even for 1.2.9).
I was going to upgrade to the latest stable (2.1.10?) when I move this
from the pilot machine to the production machine.
> I found out that in version 1.2.10 Cocoon is set up to use the new
> CoWarp authentication framwork (Which is a better one).
I haven't looked at this. If that's where the future lies, I should
move, but I'd be concerned if it's going to change again and again with
every version.
> But things are different when using that. If you look at your
> cocoon.xconf,
I thought I read somewhere that that file was obsolete and only retained
for backward compatibility.
> you can find the following : "If you want to use the authentication
> framework, comment out the above line and uncomment the following
> line:"
Aha. Excellent. Very many thanks, I'll try it.
But if people recommend using CoWarp instead, I'll use it. However, I
don't see any documentation at cocoon.apache.org. Is it still
experimental or is anyone using it in production? Looking at the
introduction at cowarp.sourceforge.net, it claims "If you look at the
usual Cocoon configuration, the sitemaps, you will not see that your
pipelines are only accessible for authenticated users." This is
absolutely not true: the <map:act type="auth-protect"> makes it
abundantly clear that my pipeline *is* subject to authentication.
Perhaps the author meant something else.
Part of the difficulty is that it keeps on talking about "an
application". I don't have any (yet) -- I just want to protect a single
document, nothing else. Later on I'll want to extend that to whole
applications, but to get it working and understand the mechanism, I need
some *much* more explanatory documentation (like a worked example). Does
anyone know if such a thing exists? I'm happy to do it and write the doc
if I can find out how to make it work.
///Peter
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org
RE: Authentication puzzle
Posted by Armaz Mellati <ar...@uninett.no>.
Hi
May I ask you what version av Cocoon you are using? I ask because the documentation you are refering to is somewhat outdated if you
are using 1.2.10 (may be even for 1.2.9).
I found out that in version 1.2.10 Cocoon is set up to use the new CoWarp authetication framwork (Which is a better one). But things
are different when using that. If you look at your cocoon.xconf, you can find the following :
"If you want to use the authentication framework, comment out the above line and uncomment the following line:"
Hope this helps.
Regards,
Armaz
> -----Original Message-----
> From: Peter Flynn [mailto:pflynn@ucc.ie]
> Sent: Wednesday, January 10, 2007 10:42 AM
> To: users@cocoon.apache.org
> Subject: Re: Authentication puzzle
>
> Steven D. Majewski wrote:
>
> > My understanding is that the Authentication Framework is just a
> > framework -- it doesn't itself do any authentication or
> > encryption/decryption of passwords.
>
> I understand that it doesn't do any authentication: that's
> what I wrote the little XML and XSLT files for: to output the
> format specified in the doc at
> http://cocoon.apache.org/2.1/developing/webapps/authentication.html
>
> I did, however, expect it to pass the password in crypt(3)
> form, but that's not important for now.
>
> > It manages protected resources and restricts them to authenticated
> > users. ( Because typically sites will want to plug in different
> > authentication mechanisms. )
>
> Yes, that much I'm happy with. I'll eventually want this to
> authenticate against Active Directory or an LDAP server.
>
> > I'm not clear on what you're trying to do. Are you doing
> trying to do
> > HTTP Basic Authentication ?
>
> For now I just want to authenticate using the little file I
> posted, which provides a username and password per user that
> I can match against locally.
>
> I'm not sure what "HTTP Basic Authentication" is (unless it's
> like the method used by regular Apache httpd for web
> passwords -- but that *does* use crypt(3)). I'm using the
> file system: my auth.xml and auth.xsl with the
> parameter_username and parameter_password as per the document
> image in
> http://cocoon.apache.org/2.1/developing/webapps/authentication.html
>
> <map:match pattern="login">
> <map:generate src="auth.xml"/>
> <map:transform src="auth.xsl" type="xslt">
> <map:parameter name="use-request-parameters" value="true"/>
> </map:transform>
> <map:serialize type="xml"/>
> </map:match>
>
> > And I'm not sure what you mean by "required crypt(3)" -
> required by whom ?
>
> Me. I assumed (obviously wrongly) that Cocoon would handle
> the encryption of the password. No matter -- for the moment I
> don't care; but the problem still stands in that it isn't
> coming back with authentication when I provide the right
> userid/password pair in Cocoon, but it *does* provide the
> specified output if I perform the same action from the shell
> commandline using Saxon.
>
> > HTTP Basic Authentication sends the bas64 encoding of
> "user:password"
> > They aren't encrypted.
>
> Base64? Ewww. So if I store the userid and password in my XML
> disk file in base64 encoding they should be matched?
>
> > ( But if you're trying to port users from an Apache
> .htpasswd file ,
> > then THOSE entries are encrypted with crypt(3). That was my problem
> > and I found and adapted a javascript version of crypt. )
>
> No, I wasn't trying to use those: I just assumed the concept
> would be the same, only performed by my XML file and its XSLT
> procedure.
>
> The documentation is missing this vital information in that case.
>
> Has anyone ever implemented a small test case where
> authentication is performed by a component which just runs
> XSLT over XML and matches the passed userid/password
> parameters with values in the XML file, and returns the
> format specified in the Cocoon doc at
> http://cocoon.apache.org/2.1/developing/webapps/authentication.html
>
> ///Peter
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
> For additional commands, e-mail: users-help@cocoon.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org
Re: Authentication puzzle
Posted by Peter Flynn <pf...@ucc.ie>.
Steven D. Majewski wrote:
> My understanding is that the Authentication Framework is just a
> framework -- it doesn't itself do any authentication or
> encryption/decryption of passwords.
I understand that it doesn't do any authentication: that's what I wrote
the little XML and XSLT files for: to output the format specified in the
doc at http://cocoon.apache.org/2.1/developing/webapps/authentication.html
I did, however, expect it to pass the password in crypt(3) form, but
that's not important for now.
> It manages protected resources and restricts them to authenticated
> users. ( Because typically sites will want to plug in different
> authentication mechanisms. )
Yes, that much I'm happy with. I'll eventually want this to authenticate
against Active Directory or an LDAP server.
> I'm not clear on what you're trying to do. Are you doing trying to do
> HTTP Basic Authentication ?
For now I just want to authenticate using the little file I posted,
which provides a username and password per user that I can match against
locally.
I'm not sure what "HTTP Basic Authentication" is (unless it's like the
method used by regular Apache httpd for web passwords -- but that *does*
use crypt(3)). I'm using the file system: my auth.xml and auth.xsl with
the parameter_username and parameter_password as per the document image
in http://cocoon.apache.org/2.1/developing/webapps/authentication.html
<map:match pattern="login">
<map:generate src="auth.xml"/>
<map:transform src="auth.xsl" type="xslt">
<map:parameter name="use-request-parameters" value="true"/>
</map:transform>
<map:serialize type="xml"/>
</map:match>
> And I'm not sure what you mean by "required crypt(3)" - required by whom ?
Me. I assumed (obviously wrongly) that Cocoon would handle the
encryption of the password. No matter -- for the moment I don't care;
but the problem still stands in that it isn't coming back with
authentication when I provide the right userid/password pair in Cocoon,
but it *does* provide the specified output if I perform the same action
from the shell commandline using Saxon.
> HTTP Basic Authentication sends the bas64 encoding of "user:password"
> They aren't encrypted.
Base64? Ewww. So if I store the userid and password in my XML disk file
in base64 encoding they should be matched?
> ( But if you're trying to port users from an Apache .htpasswd file ,
> then THOSE entries are encrypted with crypt(3). That was my problem
> and I found and adapted a javascript version of crypt. )
No, I wasn't trying to use those: I just assumed the concept would be
the same, only performed by my XML file and its XSLT procedure.
The documentation is missing this vital information in that case.
Has anyone ever implemented a small test case where authentication is
performed by a component which just runs XSLT over XML and matches the
passed userid/password parameters with values in the XML file, and
returns the format specified in the Cocoon doc at
http://cocoon.apache.org/2.1/developing/webapps/authentication.html
///Peter
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org
Re: Authentication puzzle
Posted by "Steven D. Majewski" <sd...@virginia.edu>.
On Jan 9, 2007, at 11:57 AM, Peter Flynn wrote:
> I am trying to get simple authentication to work for a single
> document,
> using local files for the authentication step, but I can't get it
> to return an authentication success.
>
> The following works fine when run using Saxon from the commandline,
> with userid=peter and password=GHYTFVN.map4h (ie it returns the
> expected authentication XML:
> <authentication><ID>abcd</ID><role>*</role><data>authok:peter</
> data></authentication>
> and when run with other data it returns the failure:
> <authentication><data>authfail:peter</data></authentication>
> as described in
> http://cocoon.apache.org/2.1/developing/webapps/authentication.html
>
> But run via Cocoon it only fails. Does Cocoon automatically perform
> the required crypt(3) on the password string from the form before
> passing the parameter_password into the handler authentication URI?
I'm a beginner here (cocoon) myself, and I'm not sure I understand
your problem/question, but:
My understanding is that the Authentication Framework is just a
framework -- it doesn't itself
do any authentication or encryption/decryption of passwords. It
manages protected resources
and restricts them to authenticated users. ( Because typically sites
will want to plug in different
authentication mechanisms. )
I'm not clear on what you're trying to do. Are you doing trying to do
HTTP Basic Authentication ?
And I'm not sure what you mean by "required crypt(3)" - required by
whom ?
HTTP Basic Authentication sends the bas64 encoding of
"user:password" They aren't encrypted.
( But if you're trying to port users from an Apache .htpasswd file ,
then THOSE entries are encrypted
with crypt(3). That was my problem and I found and adapted a
javascript version of crypt. )
-- Steve Majewski / UVA Alderman Library
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org
Authentication puzzle
Posted by Peter Flynn <pf...@ucc.ie>.
I am trying to get simple authentication to work for a single document,
using local files for the authentication step, but I can't get it to
return an authentication success.
The following works fine when run using Saxon from the commandline,
with userid=peter and password=GHYTFVN.map4h (ie it returns the expected
authentication XML:
<authentication><ID>abcd</ID><role>*</role><data>authok:peter</data></authentication>
and when run with other data it returns the failure:
<authentication><data>authfail:peter</data></authentication>
as described in
http://cocoon.apache.org/2.1/developing/webapps/authentication.html
But run via Cocoon it only fails. Does Cocoon automatically perform the
required crypt(3) on the password string from the form before passing
the parameter_password into the handler authentication URI?
///Peter
XML:
<users>
<user id="peter" authority="abcd">
<name>Peter Flynn</name>
<branchuri>*</branchuri>
<crypt>GHYTFVN.map4h</crypt>
</user>
</users>
XSLT:
<?xml version="1.0"?>
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
version="1.0">
<xsl:output method="xml"/>
<xsl:param name="userid"/>
<xsl:param name="password"/>
<xsl:template match="/">
<authentication>
<xsl:choose>
<xsl:when test="users/user/@id=$userid and
users/user[@id=$userid]/crypt=$password">
<ID>
<xsl:value-of select="users/user[@id=$userid]/@authority"/>
</ID>
<role>
<xsl:value-of select="users/user[@id=$userid]/branchuri">
</role>
<data>
<xsl:text>authok:</xsl:text>
<xsl:value-of select="users/user[@id=$userid]/@id"/>
</data>
</xsl:when>
<xsl:otherwise>
<data>
<xsl:text>authfail:</xsl:text>
<xsl:value-of select="users/user[@id=$userid]/@id"/>
</data>
</xsl:otherwise>
</xsl:choose>
</authentication>
</xsl:template>
</xsl:stylesheet>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org
Re: Aggregate fields
Posted by Mark Lundquist <ml...@wrinkledog.com>.
On Jan 8, 2007, at 5:44 AM, Peter Flynn wrote:
> [..snip] it understandably complains that there is no widget
> "organiser". What have I misunderstood?
Do this:
<ft:aggregate-widget id="organiser">
<ft:widget id="forename"/>
<ft:widget id="surname"/>
</ft:aggregate-widget>
cheers,
—ml—
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org