RE: Dynamic or Static Access Control Lists

[Alex Batlin <al...@batlin.com>]

I have had a look more at how document profiling can be done with some of
the suggestions included:

1. created profile-docbook2document.xsl that only includes sections of
docbook docs that match attribute userrole to one set in a parameter
2. created sitemap.xmap pipeline to transform so far a test document using
this new xsl and pass the userrole parameter in the transform
3. I now need to set up an authentication pipeline, here are the docs I
found:

http://cocoon.apache.org/2.1/developing/webapps/authentication.html

however when I try to add the auth actions, forrest complains that such
actions are not defined. Looking at the cocoon dist, these actions are
included in one of the blocks dirs (whatever that means), but cannot find
them in forrest.

Can anyone help me understand how I can use the auth actions in my sitemap?
Does forrest come with a stripped down version of cocoon, if so how do I
install the actions or does forrest 0.7 solve this?

Many thanks,

Alex.


-----Original Message-----
From: Ross Gardler [mailto:rgardler@apache.org] 
Sent: 23 November 2004 15:14
To: dev@forrest.apache.org
Subject: Re: Dynamic or Static Access Control Lists



Alex Batlin wrote:
> Thank you all for your responses. As suggested, I have raised an RFE. See
> http://issues.cocoondev.org/browse/FOR-385.
> 
> I have never used cocoon. I have figured out ant, docbook, xslt
processing,
> but have not used cocoon beyond forrest, which nicely encapsulates it.
> 
> Couple points to consider (from the issue I raised)
> 1. how much work will be required to extend site.xml and tabs.xml to
include
> profiling?

I don't think site.xml is the place to do this. Very few users will want 
this kind of functionlaity and we are trying to keep site.xml simple and 
uncluttered.

However, IMS Manifests already have a mechanism for this and we have an 
IMS Manifest plugin. Furthermore, since I am currently the only one 
using the IMS Manifest, and I can foresee this being a useful facility 
for my work I'd be +1 on assisting.

> 2. how does the auth pipeline fit in, do you mean that once the user is
> authenticated, user to role mapping is done and user's role profile is
then
> propagated in the session, and that is what is then used by the profiler?

Without reading up more on the auth modules in Cocoon and where they 
would fit in our (currently under discussion) processing pipelines for 
Forrest 1.0 it is very difficult to answer this question. More thinking 
required.

> 3. can anything be done for the static site e.g. generate all permutations
> of profiled docs, and when the user logs in (say using jscript), the user
is
> then redirect to the right version of the document? Sounds very much like
a
> hack, but have not got any other ideas at the moment, so suggestions are
> welcome

Hmmmm....

This sounds like a very similar problem to that recently discussed in 
the Forrest docs thread (MARC is down at the moment so no link).

Ross