Access to the app root only

[Oleg Konovalov <ol...@yahoo.com>]

Hi,

I am trying to configure my Cocoon application
so that particular role has access only to
the app root [login.xsl, index.xsl]
but not to other directories.

But is seems that as soon as I put "/" or "/*",
it gets access to all directories under the root.

Snippet from web.xml:
<security-constraint>
     <web-resource-collection>
        <web-resource-name>App Root only</web-resource-name>
	<url-pattern>/*</url-pattern>
     </web-resource-collection>
     <auth-constraint>	
	<role-name>role1</role-name>	
     </auth-constraint>
  </security-constraint>

How do I restrict access to the root only ?


Thank you in advance,
Oleg.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org

Re: Access to the app root only

[Ugo Cei <ug...@apache.org>]

Il giorno 09/giu/05, alle 23:37, Oleg Konovalov ha scritto:

> How do I restrict access to the root only ?

I don't think it's possible using container-based authentication.

	Ugo

-- 
Ugo Cei
Tech Blog: http://agylen.com/
Open Source Zone: http://oszone.org/
Wine & Food Blog: http://www.divinocibo.it/

Re: Access to user role

[Oleg Konovalov <ol...@yahoo.com>]

I just checked: on that non-initial page (xslt/common.xsl) the
value of variable isUser is an empty string.

What is that:
/root/secure:securityProfile/secure:roles/secure:role[.="mbr-user"]'
  ?
Is that a page parameter, securityProfile or retrieved from the
database?  Any pointers ?

I am new to Cocoon and XSLT.

Thank you in advance,
Oleg.

--- Oleg Konovalov <ol...@yahoo.com> wrote:

> Hi,
> 
> I am modifying somebody else's Cocoon application.
> I need to disallow users with some specific role
> to see certain parts of the screen (pseudo-menu).
> 
> An existing mechanism for that is:
> <xsl:variable name='isUser'
>
select='/root/secure:securityProfile/secure:roles/secure:role[.="mbr-user"]'/>
> 
> ...
> 
> <xsl:if test='not($isUser)'> 	
>   <td><a href="sil/main_sil" target="_parent"> 
>     <img src="images/common/sitenav.gif" width="114"
> height="45"
> border="0" /></a></td>
> </xsl:if>	
> 
> That "mbr-user" role is configured in web.xml & database,
> the user has this role [defined in the database].
> 
> That seems to work on initial page [index.xsl],
> but doesn't work on subsequent pages (in another folder).
> 
> Any clues why it doesn't and how to fix that?
> (everything else works fine)
> 
> Thank you in advance,
> Oleg.
> 
> --- Oleg Konovalov <ol...@yahoo.com> wrote:
> 
> > Hi,
> > 
> > I am trying to configure my Cocoon application
> > so that particular role has access only to
> > the app root [login.xsl, index.xsl]
> > but not to other directories.
> > 
> > But is seems that as soon as I put "/" or "/*",
> > it gets access to all directories under the root.
> > 
> > Snippet from web.xml:
> > <security-constraint>
> >      <web-resource-collection>
> >         <web-resource-name>App Root only</web-resource-name>
> > 	<url-pattern>/*</url-pattern>
> >      </web-resource-collection>
> >      <auth-constraint>	
> > 	<role-name>role1</role-name>	
> >      </auth-constraint>
> >   </security-constraint>
> > 
> > How do I restrict access to the root only ?
> > 
> > 
> > Thank you in advance,
> > Oleg.
> > 
> >
>
---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
> > For additional commands, e-mail:
> users-help@cocoon.apache.org
> > 
> > 
> 
> 
>
---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
> For additional commands, e-mail: users-help@cocoon.apache.org
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org

Access to user role

[Oleg Konovalov <ol...@yahoo.com>]

Hi,

I am modifying somebody else's Cocoon application.
I need to disallow users with some specific role
to see certain parts of the screen (pseudo-menu).

An existing mechanism for that is:
<xsl:variable name='isUser'
select='/root/secure:securityProfile/secure:roles/secure:role[.="mbr-user"]'/>

...

<xsl:if test='not($isUser)'> 	
  <td><a href="sil/main_sil" target="_parent"> 
    <img src="images/common/sitenav.gif" width="114" height="45"
border="0" /></a></td>
</xsl:if>	

That "mbr-user" role is configured in web.xml & database,
the user has this role [defined in the database].

That seems to work on initial page [index.xsl],
but doesn't work on subsequent pages (in another folder).

Any clues why it doesn't and how to fix that?
(everything else works fine)

Thank you in advance,
Oleg.

--- Oleg Konovalov <ol...@yahoo.com> wrote:

> Hi,
> 
> I am trying to configure my Cocoon application
> so that particular role has access only to
> the app root [login.xsl, index.xsl]
> but not to other directories.
> 
> But is seems that as soon as I put "/" or "/*",
> it gets access to all directories under the root.
> 
> Snippet from web.xml:
> <security-constraint>
>      <web-resource-collection>
>         <web-resource-name>App Root only</web-resource-name>
> 	<url-pattern>/*</url-pattern>
>      </web-resource-collection>
>      <auth-constraint>	
> 	<role-name>role1</role-name>	
>      </auth-constraint>
>   </security-constraint>
> 
> How do I restrict access to the root only ?
> 
> 
> Thank you in advance,
> Oleg.
> 
>
---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
> For additional commands, e-mail: users-help@cocoon.apache.org
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org