You are viewing a plain text version of this content. The canonical link for it is here.

Posted to docs@cocoon.apache.org by do...@cocoon.apache.org on 2004/11/22 17:03:33 UTC

[Cocoon Wiki] New: AuthFWWithFlowAndForms

   Date: 2004-11-22T08:03:33
   Editor: HelmaVanDerLinden <h....@mi.unimaas.nl>
   Wiki: Cocoon Wiki
   Page: AuthFWWithFlowAndForms
   URL: http://wiki.apache.org/cocoon/AuthFWWithFlowAndForms

   adding page on authentication and flow and cforms

New Page:

=Authentication with flow and CForms

Using the authentication framework with flow is already described here: [http://wiki.cocoondev.org/Wiki.jsp?page=AuthFWWithFlow Authentication Framework with flow].

What may not be obvious, at least it wasn't to me for a long time, is that the pipeline handling the continuation should also be included in the "protected" area. Otherwise they will loose the authentication context in the session. However, you cannot call a continuation inside a "call function". I.e. the following is '''not''' possible:

<map:match pattern="*.continue">
   <map:call function="protected">
      <map:parameter name="handler" value="myflowauthenticationhandler"/>
      <map:call continuation="{1}"/>
   </map:call>
</map:match>

However, you can still use the authentication actions:

<map:match pattern="*.continue">
  <map:act type="auth-loggedIn">  <!-- check authentication -->
    <map:parameter name="handler" value="managehandler"/>
    <map:act type="auth-protect">  <!-- give access to the context -->
      <map:parameter name="handler" value="managehandler"/>
      <map:call continuation="{1}"/>
    </map:act>
  </map:act>
  <map:redirect-to uri="login"/>
</map:match>

''Thanks to Oscar Picasso for the above pipeline.''