> Are you making something like an extranet? Yes.
> If so, I'd > recommend you doing this in a bit different way. ViewerGroups > is handled in very early state (before sending HTML headers). > One problem is also that 'midcom-template' is run only after > checking the ViewerGroups, which makes it impossible to > override headers set by Midgard. Ok. This clears out a lot of things for me. > There is a nice workaround, which allows you to stay in the > original URI. You could have something like this set in > <(ROOT)> style element: > > --- > > <?php > if (substr($_MIDGARD['uri'], 0, 8) !== 'extranet' || > $_MIDGARD['user']) { ?> <(content)> <?php } else { <(login)> } ?> > > --- > > and then create a style element called 'login': > > --- > > <form method="POST" action="&(midgard.uri);"> > <fieldset> > <legend>Protie login</legend> > <label for="midcom-template-username"> > Username: > <input type="text" name="midcom_site[username]" > id="midcom-template-username" size="20" /> > </label> > <label for="midcom-template-password"> > Password: > <input type="password" name="midcom_site[password]" > id="midcom-template-password" size="20" /> > </label> > <input class="loginform-submit-button" type="submit" > name="midcom_site[login]" value="Login" /> > <div class="disclaimer"> > This site uses the secure NemeinAuthentication library for > authentication. > Please ensure that your browser allows cookies to be set > by this server. > </div> > </fieldset> > </form> > > --- > > You can see that this method relies on URI name spacing and > is in this example set for the first level node 'extranet'. > This isn't a handy way to deal with AIS, since you have to > hard-code the parts which require authentication. > > If someone has a better idea, I wouldn't mind hearing it. Ok this works now. I already figured out how I can check user's group and that way implement different authorization levels (at least I think so :). Great! ...but I have A problem with IE cache now. IE likes to give a cached copy for the user no matter what. So user is not redirected to the login page in IE once he has been on the extranet once. I have Midgard caches disabled. Is adding some cache control into HTTP headers the only way to get it work? Can I just add them to the beginning of my ROOT style or do I have to configure Apache to send the proper headers? > > BTW. Is there a bug in AIS when setting UserGroup permissions. The > > folder always disappears from the navigation whenever I change it's > > UserGroup permission. > > It shouldn't disappear if you have logged in but yes, it will > disappear if ViewerGroups is set to a group the person > viewing doesn't belong to. This you can take as a feature. Strange because I think I tried to check if navigation would behave like you say it should but I remember that was not the case. I might be wrong and I can check it out once I have time. Seppo --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]