You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cocoon.apache.org by Paul Joseph <pj...@yahoo.com> on 2004/08/18 20:10:59 UTC
how to use roles in web application
Hi,
I have a newbie question re. authentication and
authorization.
I read the
document:http://cocoon.apache.org/2.1/developing/webapps/authentication.html
and can understand it (atleast most of it!)
However I want to make use of "roles" i.e. to do the
standard thing of changing the application that is
loaded depending on the role of the user.
Thus the admin will see stuff that say a manager wont
see and a manager will see stuff that a guest wont see
and so on.
This document does not appear to have information on
how to use roles to do this. Does such documentation
or such an example exist on the best way to use roles
to do this?
I am not sure if the "portal" concept applies as my
app is not a "portal"
thx
Paul
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org
Re: how to use roles in web application
Posted by Paul Joseph <pj...@yahoo.com>.
Thank you Ralph, this is most helpful.
-Paul
--- Ralph Goers <Ra...@dslextreme.com> wrote:
> Not that I'm aware of. I can tell you that it isn't
> very hard to write
> your own. We have our own authentication framework
> that returns the user's
> permissions after being authenticated. I then wrote
> a selector that checks
> the permission specified in the sitemap against the
> map containing all the
> permissions. As you can imagine, the selector is
> tiny - all the real work
> is in getting the permissions.
>
> Ralph
>
>
> At 8/19/2004 03:32 AM, you wrote:
> >Thank you Ralph.
> >
> >I also found from a web search the following thread
> >that was quite helpful.
> >
>
>http://archives.real-time.com/pipermail/cocoon-users/2004-January/044588.html
> >
> >Also, at the bottom of this thread Stefan writes:
> >
> > >For that I wrote a transformer. My pages contain
> > >statements of the form <cms:auth role="doctor">
> > ><content.../> </cms:auth>
> > >On encountering a cms:auth tag the transformer
> > >checks whether the user has that role. If so, it
> > >passes on the enclosed content. If not, it
> filters
> > >it.
> >
> >Is the transformer that he mentions available in
> >open-source?
> >
> >thx
> >Paul
>
>
>
---------------------------------------------------------------------
> To unsubscribe, e-mail:
> users-unsubscribe@cocoon.apache.org
> For additional commands, e-mail:
> users-help@cocoon.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org
Re: how to use roles in web application
Posted by Ralph Goers <Ra...@dslextreme.com>.
Not that I'm aware of. I can tell you that it isn't very hard to write
your own. We have our own authentication framework that returns the user's
permissions after being authenticated. I then wrote a selector that checks
the permission specified in the sitemap against the map containing all the
permissions. As you can imagine, the selector is tiny - all the real work
is in getting the permissions.
Ralph
At 8/19/2004 03:32 AM, you wrote:
>Thank you Ralph.
>
>I also found from a web search the following thread
>that was quite helpful.
>
>http://archives.real-time.com/pipermail/cocoon-users/2004-January/044588.html
>
>Also, at the bottom of this thread Stefan writes:
>
> >For that I wrote a transformer. My pages contain
> >statements of the form <cms:auth role="doctor">
> ><content.../> </cms:auth>
> >On encountering a cms:auth tag the transformer
> >checks whether the user has that role. If so, it
> >passes on the enclosed content. If not, it filters
> >it.
>
>Is the transformer that he mentions available in
>open-source?
>
>thx
>Paul
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org
Re: how to use roles in web application
Posted by Paul Joseph <pj...@yahoo.com>.
Thank you Ralph.
I also found from a web search the following thread
that was quite helpful.
http://archives.real-time.com/pipermail/cocoon-users/2004-January/044588.html
Also, at the bottom of this thread Stefan writes:
>For that I wrote a transformer. My pages contain
>statements of the form <cms:auth role="doctor">
><content.../> </cms:auth>
>On encountering a cms:auth tag the transformer
>checks whether the user has that role. If so, it
>passes on the enclosed content. If not, it filters
>it.
Is the transformer that he mentions available in
open-source?
thx
Paul
--- Ralph Goers <Ra...@dslextreme.com> wrote:
> Roles are not part of the authentication framework.
> They are part of the
> portal.
>
> At 8/18/2004 11:10 AM, you wrote:
> >Hi,
> >
> >I have a newbie question re. authentication and
> >authorization.
> >
> >I read the
>
>document:http://cocoon.apache.org/2.1/developing/webapps/authentication.html
> >and can understand it (atleast most of it!)
> >
> >However I want to make use of "roles" i.e. to do
> the
> >standard thing of changing the application that is
> >loaded depending on the role of the user.
> >
> >Thus the admin will see stuff that say a manager
> wont
> >see and a manager will see stuff that a guest wont
> see
> >and so on.
> >
> >This document does not appear to have information
> on
> >how to use roles to do this. Does such
> documentation
> >or such an example exist on the best way to use
> roles
> >to do this?
> >
> >I am not sure if the "portal" concept applies as my
> >app is not a "portal"
> >
> >thx
> >Paul
> >
> >
>
>---------------------------------------------------------------------
> >To unsubscribe, e-mail:
> users-unsubscribe@cocoon.apache.org
> >For additional commands, e-mail:
> users-help@cocoon.apache.org
>
>
>
---------------------------------------------------------------------
> To unsubscribe, e-mail:
> users-unsubscribe@cocoon.apache.org
> For additional commands, e-mail:
> users-help@cocoon.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org
Re: how to use roles in web application
Posted by Ralph Goers <Ra...@dslextreme.com>.
Roles are not part of the authentication framework. They are part of the
portal.
At 8/18/2004 11:10 AM, you wrote:
>Hi,
>
>I have a newbie question re. authentication and
>authorization.
>
>I read the
>document:http://cocoon.apache.org/2.1/developing/webapps/authentication.html
>and can understand it (atleast most of it!)
>
>However I want to make use of "roles" i.e. to do the
>standard thing of changing the application that is
>loaded depending on the role of the user.
>
>Thus the admin will see stuff that say a manager wont
>see and a manager will see stuff that a guest wont see
>and so on.
>
>This document does not appear to have information on
>how to use roles to do this. Does such documentation
>or such an example exist on the best way to use roles
>to do this?
>
>I am not sure if the "portal" concept applies as my
>app is not a "portal"
>
>thx
>Paul
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
>For additional commands, e-mail: users-help@cocoon.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org