Posted to users@cocoon.apache.org by Frank Ridderbusch <fr...@gmx.de> on 2002/06/08 23:30:10 UTC

Cocoon and Integration with Apache Authentication/Authorization System

Hi folks,

I'm looking for some ideas/suggestions, how I might integrate cocoon better
with Apache's basic authentication system or the other way around.

I'm running a departmental website and have recently revamped the layout using
cocoon. I've plugged cocoon into apache via mod_jk and for any
incoming requests I'm using a split approach in that the view is created by 
cocoon and most of the static data like Word documents, images etc. are 
delivered directly through apache. This also allowed me to keep the existing
basic authentication/authorization from apache for those documents, which I
wanted to secure.

Now, historically my user/role database is in a Berkeley DB file. Then later, 
when nearly everybody was using PCs connected to a Windows domain, I plugged a
mod_auth_samba module into apache. This allowed me to additionally authenticate
a user against the Windows domain controller (with a little local DB file for 
groups/roles). 

Now, this still works for simple servlets. But it does not work any longer with
cocoon since cocoon internally basically works with the pathinfo, which comes 
after the initial /cocoon in the URL. So I guess, the best I could do, would be
to put a .htaccess file into the base webapps/cocoon directory and secure the
whole cocoon system, which is not quite, what I want. 

Now, I know that cocoon also has an authentication/authorization system
(Carsten Ziegler's work). 

I'm now looking for an idea, how I can connect apache with cocoon in terms
of authentication and authorization.

- Should cocoon redirect to an apache page, which in turn feeds the results
  of the basic authentication back into cocoon? What would I need to know
  to do this?

- Should I use cocoon for authentication and use the information in the 
  cookie and use the Apache::AuthCookie for the rest of the apache/mod_perl 
  system? Or the other way around? Start with a basic authenticated page,
  stuff the required info into a cookie and use Apache::AuthCookie for the
  rest of the apache system and somehow also use the info from the cookie
  in the cocoon pipelines.

  I guess, this would mean, I would have to fiddle with JAAS to connect 
  to the Windows domain controller (I tried to make sense from the JAAS
  documentation, but haven't yet really succeeded). 

I just don't like to introduce another authentication system into my setup. 
Either switch completely to something new or integrate into the existing 
setup.

I appreciate any thoughts/suggestions you might have. 

Thanks. 
-- 
MfG/Regards

Frank Ridderbusch

Since I have taken all the Gates out of my computer, it finally works!!
