You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cocoon.apache.org by Steve Krulewitz <st...@zowiedigital.com> on 2003/08/11 18:36:33 UTC
Flow and the authentication framework
[I posted this earlier on the user list, but it might be more appropriate
here given the new-ness of the flow stuff]
Hey folks --
Total newbie here. I've been spending the last week getting up to speed on
Cocoon, especially the new flow stuff and how it impacts the action-based
authentication framework. If flow essentially deprecates actions in
general, what is the proper way to access the authentication framework from
flow? The petstore sample seems to use its own user database, which would
lead me to believe that the current authentication framework is not intended
to be used with flow?
More specifically, I'm not really looking to restrict access to particular
pages and pipelines, rather I want the user's authentication status and
role(s) to affect the page generation.
cheers,
-steve
RE: Flow and the authentication framework
Posted by Upayavira <uv...@upaya.co.uk>.
On 11 Aug 2003 at 16:22, Steve Krulewitz wrote:
> > You could check out the Linotype block, which does some basic
> > authentication using
> > flow.
>
> Thanks for the pointer -- I was unaware that linotype was flow-ified.
> It looks like both the petstore and linotype roll their own
> authentication method, petstore hitting the database directly from the
> flow js, and linotype using a class that reads the user info from a
> file.
>
> I will take a closer look at the sunrise authentication framework and
> see if it suits my needs enough to refactor it into something that can
> be called directly from flow.
That would be great. I've not used the authorisation-fw stuff, but I'd imagine there's
more to it than what is implemented in Linotype or petstore, and it would be good to
have a flow interface to it available. I could see myself being a user of it.
Regards, Upayavira
Re: Flow and the authentication framework
Posted by Stefano Mazzocchi <st...@apache.org>.
On Tuesday, Aug 12, 2003, at 10:39 Europe/Rome, Carsten Ziegeler wrote:
> Stefano Mazzocchi wrote:
>> The auth framework action should be refactored into a general
>> user-managing component and at that point, it could be used both by
>> the
>> action and by a flowscript.
>>
> It's already refactored, the actions are only looking up the user
> manager
> and call a method on it. This should be very trivial to do from
> flowscript.
ah, cool. then all we need is real blocks to make this work ;-)
--
Stefano.
RE: Flow and the authentication framework
Posted by Carsten Ziegeler <cz...@s-und-n.de>.
Stefano Mazzocchi wrote:
> The auth framework action should be refactored into a general
> user-managing component and at that point, it could be used both by the
> action and by a flowscript.
>
It's already refactored, the actions are only looking up the user manager
and call a method on it. This should be very trivial to do from flowscript.
Carsten
Re: Flow and the authentication framework
Posted by Stefano Mazzocchi <st...@apache.org>.
On Monday, Aug 11, 2003, at 19:26 Europe/Rome, Upayavira wrote:
> On 11 Aug 2003 at 19:10, Reinhard Pötz wrote:
>
>>
>> From: Steve Krulewitz
>>
>>> [I posted this earlier on the user list, but it might be more
>>> appropriate here given the new-ness of the flow stuff]
>>>
>>> Hey folks --
>>>
>>> Total newbie here. I've been spending the last week getting
>>> up to speed on Cocoon, especially the new flow stuff and how
>>> it impacts the action-based authentication framework. If
>>> flow essentially deprecates actions in general, what is the
>>> proper way to access the authentication framework from flow?
Very good question. I've been thinking about the very same thing for
the last month or so.
I have pretty wild ideas on how to do this. Stay tuned for my Sylvain's
pool random thought mail appearing right after the 2.1 release.
>>> The petstore sample seems to use its own user database, which
>>> would lead me to believe that the current authentication
>>> framework is not intended to be used with flow?
Correct. The auth-framework was not intented to be used with the flow.
>> AFAIK, there hasn't been done any work yet. Personally I haven't used
>> the authentication framework. What I know the authentication framework
>> can protect your pipelines. IMHO this doesn't make sense for flow
>> applications because you work with sendPage(AndWait) and this allows
>> you to send internal-only pipelines and your controller should know if
>> a user is allowed to receive a page or not.
>>
>> But maybe I'm completly wrong here ...
>
> Interesting points.
The auth framework action should be refactored into a general
user-managing component and at that point, it could be used both by the
action and by a flowscript.
>>> More specifically, I'm not really looking to restrict access
>>> to particular pages and pipelines, rather I want the user's
>>> authentication status and
>>> role(s) to affect the page generation.
>>
>> Sorry, can't help you with that.
>
> You could check out the Linotype block, which does some basic
> authentication using
> flow.
Yes and it uses a "super simple" java components to do user management.
I know Turbine has a component that does this already and they were
talking about avalonizing it.
But stay tuned for more on this subject.
>
--
Stefano.
Re: Flow and the authentication framework
Posted by Ryan Hoegg <rh...@isisnetworks.net>.
Geoff had a different approach to authenticating. He mentioned using a
Matcher, in his case a ContainerRoleMatcher, to enclose any pipelines
you want to secure. Then you won't need to access any authentication
information inside your flow.
--
Ryan Hoegg
ISIS Networks
http://www.isisnetworks.net
Steve Krulewitz wrote:
>>You could check out the Linotype block, which does some basic
>>authentication using
>>flow.
>>
>>
>
>Thanks for the pointer -- I was unaware that linotype was flow-ified. It
>looks like both the petstore and linotype roll their own authentication
>method, petstore hitting the database directly from the flow js, and
>linotype using a class that reads the user info from a file.
>
>I will take a closer look at the sunrise authentication framework and see if
>it suits my needs enough to refactor it into something that can be called
>directly from flow.
>
>cheers,
>-steve
>
Re: Small suggestion for flow: Cocoon instead of cocoon
Posted by Bruno Dumon <br...@outerthought.org>.
On Tue, 2003-08-12 at 07:28, Steve K wrote:
> Hey folks -
>
> I hope it isn't too late for such a trivial suggestion, and I hope this hasn't
> been discussed before, but is there any particular reason the global cocoon
> object in flow is lowercased? I am used to working with JavaScript in
> Mozilla and its "window into the guts" object name is "Components". You can
> see some examples here:
>
> http://www.mozilla.org/scriptable/components_object.html
>
> Plus, Microsoft's use of JavaScript in its technologies (WSH, ASP) does the
> same with similar objects (WSH has WScript, ASP has Request, Response,
> Server, Session).
>
Doesn't javascript use the same naming convention as Java: lowercase for
instances, uppercase for classes?
The "cocoon" object is actually an instance of a class called
FOM_Cocoon.
Similary, the "window" object in a browser is also lowercased.
--
Bruno Dumon http://outerthought.org/
Outerthought - Open Source, Java & XML Competence Support Center
bruno@outerthought.org bruno@apache.org
Small suggestion for flow: Cocoon instead of cocoon
Posted by Steve K <sh...@myrealbox.com>.
Hey folks -
I hope it isn't too late for such a trivial suggestion, and I hope this hasn't
been discussed before, but is there any particular reason the global cocoon
object in flow is lowercased? I am used to working with JavaScript in
Mozilla and its "window into the guts" object name is "Components". You can
see some examples here:
http://www.mozilla.org/scriptable/components_object.html
Plus, Microsoft's use of JavaScript in its technologies (WSH, ASP) does the
same with similar objects (WSH has WScript, ASP has Request, Response,
Server, Session).
Anyhow, great work on the flow stuff, I can't wait to start using it in my own
apps!
cheers,
-steve
RE: Flow and the authentication framework
Posted by Steve Krulewitz <sh...@myrealbox.com>.
> You could check out the Linotype block, which does some basic
> authentication using
> flow.
Thanks for the pointer -- I was unaware that linotype was flow-ified. It
looks like both the petstore and linotype roll their own authentication
method, petstore hitting the database directly from the flow js, and
linotype using a class that reads the user info from a file.
I will take a closer look at the sunrise authentication framework and see if
it suits my needs enough to refactor it into something that can be called
directly from flow.
cheers,
-steve
RE: Flow and the authentication framework
Posted by Upayavira <uv...@upaya.co.uk>.
On 11 Aug 2003 at 19:10, Reinhard Pötz wrote:
>
> From: Steve Krulewitz
>
> > [I posted this earlier on the user list, but it might be more
> > appropriate here given the new-ness of the flow stuff]
> >
> > Hey folks --
> >
> > Total newbie here. I've been spending the last week getting
> > up to speed on Cocoon, especially the new flow stuff and how
> > it impacts the action-based authentication framework. If
> > flow essentially deprecates actions in general, what is the
> > proper way to access the authentication framework from flow?
> > The petstore sample seems to use its own user database, which
> > would lead me to believe that the current authentication
> > framework is not intended to be used with flow?
>
> AFAIK, there hasn't been done any work yet. Personally I haven't used
> the authentication framework. What I know the authentication framework
> can protect your pipelines. IMHO this doesn't make sense for flow
> applications because you work with sendPage(AndWait) and this allows
> you to send internal-only pipelines and your controller should know if
> a user is allowed to receive a page or not.
>
> But maybe I'm completly wrong here ...
Interesting points.
> > More specifically, I'm not really looking to restrict access
> > to particular pages and pipelines, rather I want the user's
> > authentication status and
> > role(s) to affect the page generation.
>
> Sorry, can't help you with that.
You could check out the Linotype block, which does some basic authentication using
flow.
Regards, Upayavira
RE: Flow and the authentication framework
Posted by Reinhard Pötz <re...@gmx.net>.
From: Steve Krulewitz
> [I posted this earlier on the user list, but it might be more
> appropriate here given the new-ness of the flow stuff]
>
> Hey folks --
>
> Total newbie here. I've been spending the last week getting
> up to speed on Cocoon, especially the new flow stuff and how
> it impacts the action-based authentication framework. If
> flow essentially deprecates actions in general, what is the
> proper way to access the authentication framework from flow?
> The petstore sample seems to use its own user database, which
> would lead me to believe that the current authentication
> framework is not intended to be used with flow?
AFAIK, there hasn't been done any work yet. Personally I haven't used
the authentication framework. What I know the authentication framework
can protect your pipelines. IMHO this doesn't make sense for flow
applications because you work with sendPage(AndWait) and this allows you
to send internal-only pipelines and your controller should know if a
user is allowed to receive a page or not.
But maybe I'm completly wrong here ...
> More specifically, I'm not really looking to restrict access
> to particular pages and pipelines, rather I want the user's
> authentication status and
> role(s) to affect the page generation.
Sorry, can't help you with that.
Cheers,
Reinhard
RE: Flow and the authentication framework
Posted by Carsten Ziegeler <cz...@s-und-n.de>.
Steve Krulewitz wrote:
>
> Hey folks --
>
> Total newbie here. I've been spending the last week getting up
> to speed on
> Cocoon, especially the new flow stuff and how it impacts the action-based
> authentication framework. If flow essentially deprecates actions in
> general, what is the proper way to access the authentication
> framework from
> flow? The petstore sample seems to use its own user database, which would
> lead me to believe that the current authentication framework is
> not intended
> to be used with flow?
When the authentication framework was developed the flow concept wasn't
even mentioned. So that's the main reason why there is currently no support
from flow.
I think it makes sense to have support for the auth framework from flow and
adding support in flow is one minor point on my todo list for 2.2, so if
you want to step in, great!
However, there is one tricky point as the configuration for the auth
framework
is currently in the sitemap as well; I guess you must either have the
ability
to define the conf in flow itself or use a configuration xml for that.
If you need help, let me know.
>
> More specifically, I'm not really looking to restrict access to particular
> pages and pipelines, rather I want the user's authentication status and
> role(s) to affect the page generation.
>
Yes, I guess the auth framework could really help you here.
Carsten