You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cocoon.apache.org by Oleg Konovalov <ol...@yahoo.com> on 2005/06/10 19:55:58 UTC
Access to user role
Hi,
I am modifying somebody else's Cocoon application.
I need to disallow users with some specific role
to see certain parts of the screen (pseudo-menu).
An existing mechanism for that is:
<xsl:variable name='isUser'
select='/root/secure:securityProfile/secure:roles/secure:role[.="mbr-user"]'/>
...
<xsl:if test='not($isUser)'>
<td><a href="sil/main_sil" target="_parent">
<img src="images/common/sitenav.gif" width="114" height="45"
border="0" /></a></td>
</xsl:if>
That "mbr-user" role is configured in web.xml & database,
the user has this role [defined in the database].
That seems to work on initial page [index.xsl],
but doesn't work on subsequent pages (in another folder).
Any clues why it doesn't and how to fix that?
(everything else works fine)
Thank you in advance,
Oleg.
--- Oleg Konovalov <ol...@yahoo.com> wrote:
> Hi,
>
> I am trying to configure my Cocoon application
> so that particular role has access only to
> the app root [login.xsl, index.xsl]
> but not to other directories.
>
> But is seems that as soon as I put "/" or "/*",
> it gets access to all directories under the root.
>
> Snippet from web.xml:
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>App Root only</web-resource-name>
> <url-pattern>/*</url-pattern>
> </web-resource-collection>
> <auth-constraint>
> <role-name>role1</role-name>
> </auth-constraint>
> </security-constraint>
>
> How do I restrict access to the root only ?
>
>
> Thank you in advance,
> Oleg.
>
>
---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
> For additional commands, e-mail: users-help@cocoon.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org
Re: Access to user role
Posted by Oleg Konovalov <ol...@yahoo.com>.
I just checked: on that non-initial page (xslt/common.xsl) the
value of variable isUser is an empty string.
What is that:
/root/secure:securityProfile/secure:roles/secure:role[.="mbr-user"]'
?
Is that a page parameter, securityProfile or retrieved from the
database? Any pointers ?
I am new to Cocoon and XSLT.
Thank you in advance,
Oleg.
--- Oleg Konovalov <ol...@yahoo.com> wrote:
> Hi,
>
> I am modifying somebody else's Cocoon application.
> I need to disallow users with some specific role
> to see certain parts of the screen (pseudo-menu).
>
> An existing mechanism for that is:
> <xsl:variable name='isUser'
>
select='/root/secure:securityProfile/secure:roles/secure:role[.="mbr-user"]'/>
>
> ...
>
> <xsl:if test='not($isUser)'>
> <td><a href="sil/main_sil" target="_parent">
> <img src="images/common/sitenav.gif" width="114"
> height="45"
> border="0" /></a></td>
> </xsl:if>
>
> That "mbr-user" role is configured in web.xml & database,
> the user has this role [defined in the database].
>
> That seems to work on initial page [index.xsl],
> but doesn't work on subsequent pages (in another folder).
>
> Any clues why it doesn't and how to fix that?
> (everything else works fine)
>
> Thank you in advance,
> Oleg.
>
> --- Oleg Konovalov <ol...@yahoo.com> wrote:
>
> > Hi,
> >
> > I am trying to configure my Cocoon application
> > so that particular role has access only to
> > the app root [login.xsl, index.xsl]
> > but not to other directories.
> >
> > But is seems that as soon as I put "/" or "/*",
> > it gets access to all directories under the root.
> >
> > Snippet from web.xml:
> > <security-constraint>
> > <web-resource-collection>
> > <web-resource-name>App Root only</web-resource-name>
> > <url-pattern>/*</url-pattern>
> > </web-resource-collection>
> > <auth-constraint>
> > <role-name>role1</role-name>
> > </auth-constraint>
> > </security-constraint>
> >
> > How do I restrict access to the root only ?
> >
> >
> > Thank you in advance,
> > Oleg.
> >
> >
>
---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
> > For additional commands, e-mail:
> users-help@cocoon.apache.org
> >
> >
>
>
>
---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
> For additional commands, e-mail: users-help@cocoon.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org