You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cocoon.apache.org by Frank Taffelt <fr...@interface-business.de> on 2003/05/27 12:11:36 UTC
authentication-fw and subsitemap
Hi,
has anybody used the auth-fw which protects the access to an underlying
application subsitemap - look at the following snippet:
<map:pipeline>
<!-- ================ -->
<!-- The whole App -->
<!-- ================ -->
<map:match pattern="**">
<map:act type="auth-protect">
<map:parameter name="handler" value="authhandler"/>
<!-- mount the app and delegate -->
<map:mount check-reload="yes" src="&APP-SITEMAP;" uri-prefix=""/>
</map:act>
<!-- something was wrong, redirect to login page -->
<map:redirect-to uri="login"/>
</map:match>
</map:pipeline>
everything works ok, except the following case:
if request is not authenticated or the session is timedout, the redirect to
login fails.
cocoon version is 2.1-m2.
Any suggestions ?
Frank
---------------------------------------------------------------------
To unsubscribe, e-mail: cocoon-users-unsubscribe@xml.apache.org
For additional commands, e-mail: cocoon-users-help@xml.apache.org
Re: authentication-fw and subsitemap
Posted by Frank Taffelt <fr...@interface-business.de>.
> > * does the inputmodule substitution mechanism work for the "uri"
attribute
> > in "redirect-to" element in my authhandler ?
> >
> No.
Is there a special reason for this ? In my usecase the only possible
solution would be an absolut url for the redirect-to element. This makes the
deployment harder.
Frank
---------------------------------------------------------------------
To unsubscribe, e-mail: cocoon-users-unsubscribe@xml.apache.org
For additional commands, e-mail: cocoon-users-help@xml.apache.org
RE: authentication-fw and subsitemap
Posted by Carsten Ziegeler <cz...@s-und-n.de>.
From: Frank Taffelt [mailto:frank.taffelt@interface-business.de]
> 2 questions:
> * i saw in the docs the the following example:
>
> <autentication-manager>
> <handlers>
> <!-- Now follows the handlers configuration -->
> <handler name="unique">
> <!-- The login resource -->
> <redirect-to uri="cocoon:raw://loginpage"/>
> <authentication uri="cocoon:raw://authenticationresource"/>
> </handler>
> </handlers>
> </autentication-manager>
>
> what is the difference between "cocoon:raw://loginpage" and
> "cocoon://loginpage" ?
When using the cocoon:raw, the request parameters from the client
are not passed to the internal pipeline (loginpage). Without
":raw" they are.
>
> * does the inputmodule substitution mechanism work for the "uri" attribute
> in "redirect-to" element in my authhandler ?
>
No.
Carsten
---------------------------------------------------------------------
To unsubscribe, e-mail: cocoon-users-unsubscribe@xml.apache.org
For additional commands, e-mail: cocoon-users-help@xml.apache.org
Re: authentication-fw and subsitemap
Posted by Frank Taffelt <fr...@interface-business.de>.
> The auth-protect action does the redirect by itself. It redirects
> to the login configuration of your authhandler.
OK.
2 questions:
* i saw in the docs the the following example:
<autentication-manager>
<handlers>
<!-- Now follows the handlers configuration -->
<handler name="unique">
<!-- The login resource -->
<redirect-to uri="cocoon:raw://loginpage"/>
<authentication uri="cocoon:raw://authenticationresource"/>
</handler>
</handlers>
</autentication-manager>
what is the difference between "cocoon:raw://loginpage" and
"cocoon://loginpage" ?
* does the inputmodule substitution mechanism work for the "uri" attribute
in "redirect-to" element in my authhandler ?
Frank
---------------------------------------------------------------------
To unsubscribe, e-mail: cocoon-users-unsubscribe@xml.apache.org
For additional commands, e-mail: cocoon-users-help@xml.apache.org
RE: authentication-fw and subsitemap
Posted by Carsten Ziegeler <cz...@s-und-n.de>.
The auth-protect action does the redirect by itself. It redirects
to the login configuration of your authhandler.
Carsten
> -----Original Message-----
> From: Frank Taffelt [mailto:frank.taffelt@interface-business.de]
> Sent: Tuesday, May 27, 2003 12:12 PM
> To: cocoon-users@xml.apache.org
> Subject: authentication-fw and subsitemap
>
>
> Hi,
>
> has anybody used the auth-fw which protects the access to an underlying
> application subsitemap - look at the following snippet:
>
> <map:pipeline>
> <!-- ================ -->
> <!-- The whole App -->
> <!-- ================ -->
> <map:match pattern="**">
> <map:act type="auth-protect">
> <map:parameter name="handler" value="authhandler"/>
>
> <!-- mount the app and delegate -->
> <map:mount check-reload="yes" src="&APP-SITEMAP;" uri-prefix=""/>
>
>
> </map:act>
> <!-- something was wrong, redirect to login page -->
> <map:redirect-to uri="login"/>
> </map:match>
> </map:pipeline>
>
> everything works ok, except the following case:
> if request is not authenticated or the session is timedout, the
> redirect to
> login fails.
>
> cocoon version is 2.1-m2.
>
> Any suggestions ?
>
> Frank
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: cocoon-users-unsubscribe@xml.apache.org
> For additional commands, e-mail: cocoon-users-help@xml.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: cocoon-users-unsubscribe@xml.apache.org
For additional commands, e-mail: cocoon-users-help@xml.apache.org