You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@cocoon.apache.org by Fernando Mato Mira <ma...@acm.org> on 2006/03/31 11:04:23 UTC

authentication context not available to action

I am implmenting a conditional session invalidator action. When I try
to access the authentication context stored in the ContextManager, I get 
a null pointer.
What should I do to make sure this info is passed to the component? I am 
using
it as the first action in a login pipeline:

      <map:match pattern="do-login">
        <!-- force logout if principal change -->
        <map:act type="changing-session-invalidate">
          <map:parameter name="username" value="{request-param:username}"/>
          <map:parameter name="token" value="{request-param:ugatok}"/>
        </map:act>
        <!-- if we are already logged in, redirect to the protected 
document -->
        <map:act type="auth-loggedIn">
          <map:parameter name="handler" value="multihandler"/>
          <map:redirect-to 
uri="edit?Action={request-param:Action}&amp;Key={request-param:Key}&amp;ReturnTo={request-param:ReturnTo}"/>
        </map:act>  
        <!-- try to login -->
        <map:act type="auth-login">
          <map:parameter name="handler" value="multihandler"/>
          <map:parameter name="parameter_name" 
value="{request-param:username}"/>
          <map:parameter name="parameter_password" 
value="{request-param:password}"/>
          <map:parameter name="parameter_token" 
value="{request-param:ugatok}"/>
          <map:redirect-to 
uri="edit?Action={request-param:Action}&amp;Key={request-param:Key}&amp;ReturnTo={request-param:ReturnTo}"/>
        </map:act>
        <!-- something was wrong, try it again -->
        <map:redirect-to uri="login"/>
      </map:match>

-- 
--
Fernando D. Mato Mira                         matomira@acm.org
Thomson Corporation Switzerland AG


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org

Re: authentication context not available to action

Posted by Fernando Mato Mira <ma...@acm.org>.

I seem to have get it working by making the action act as a conditional, 
and reorganizing the pipeline like this:


      <map:match pattern="do-login">
        <!-- if we are already logged in, maybe redirect to the 
protected document -->
        <map:act type="auth-loggedIn">
          <map:parameter name="handler" value="multihandler"/>
           <map:act type="auth-protect">  <!-- give access to the 
context -->
            <map:parameter name="handler" value="multihandler"/>
            <!-- force logout if principal change -->
            <map:act type="changing-session-invalidate">
              <map:parameter name="username" 
value="{request-param:username}"/>
              <map:parameter name="token" value="{request-param:ugatok}"/>
              <map:redirect-to 
uri="do-login?ugatok={request-param:ugatok}&amp;Action={request-param:Action}&amp;Key={request-param:Key}&amp;ReturnTo={request-param:ReturnTo}"/>
            </map:act>
            <map:redirect-to 
uri="edit?Action={request-param:Action}&amp;Key={request-param:Key}&amp;ReturnTo={request-param:ReturnTo}"/>
          </map:act>
        </map:act>  
        <!-- try to login -->
        <map:act type="auth-login">
          <map:parameter name="handler" value="multihandler"/>
          <map:parameter name="parameter_name" 
value="{request-param:username}"/>
          <map:parameter name="parameter_password" 
value="{request-param:password}"/>
          <map:parameter name="parameter_token" 
value="{request-param:ugatok}"/>
          <map:redirect-to 
uri="edit?Action={request-param:Action}&amp;Key={request-param:Key}&amp;ReturnTo={request-param:ReturnTo}"/>
        </map:act>
        <!-- something was wrong, try it again -->
        <map:redirect-to uri="login"/>
      </map:match>


Fernando Mato Mira wrote:

> I am implmenting a conditional session invalidator action. When I try
> to access the authentication context stored in the ContextManager, I 
> get a null pointer.
> What should I do to make sure this info is passed to the component? I 
> am using
> it as the first action in a login pipeline:
>
>      <map:match pattern="do-login">
>        <!-- force logout if principal change -->
>        <map:act type="changing-session-invalidate">
>          <map:parameter name="username" 
> value="{request-param:username}"/>
>          <map:parameter name="token" value="{request-param:ugatok}"/>
>        </map:act>
>        <!-- if we are already logged in, redirect to the protected 
> document -->
>        <map:act type="auth-loggedIn">
>          <map:parameter name="handler" value="multihandler"/>
>          <map:redirect-to 
> uri="edit?Action={request-param:Action}&amp;Key={request-param:Key}&amp;ReturnTo={request-param:ReturnTo}"/> 
>
>        </map:act>         <!-- try to login -->
>        <map:act type="auth-login">
>          <map:parameter name="handler" value="multihandler"/>
>          <map:parameter name="parameter_name" 
> value="{request-param:username}"/>
>          <map:parameter name="parameter_password" 
> value="{request-param:password}"/>
>          <map:parameter name="parameter_token" 
> value="{request-param:ugatok}"/>
>          <map:redirect-to 
> uri="edit?Action={request-param:Action}&amp;Key={request-param:Key}&amp;ReturnTo={request-param:ReturnTo}"/> 
>
>        </map:act>
>        <!-- something was wrong, try it again -->
>        <map:redirect-to uri="login"/>
>      </map:match>
>


-- 
--
Fernando D. Mato Mira                         matomira@acm.org
Thomson Corporation Switzerland AG


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org