Hi all,
I've been playing around with the sub-sitemap stuff. In particular,
I have a <map:pipeline/> definition that looks like this:
<map:pipeline>
<map:match type="regexp" pattern="^~([^/]*)">
<map:mount uri-prefix="~{1}" src="/home/{1}/public_xml/"
check-reload="yes"/>
</map:match>
</map:pipeline>
that resides in the main sitemap.xmap.
What this pipeline does is allow for each user to have their
own sitemap.xmap file in the their ~/public_xml/ directory.
I kinda look at this as being somewhat similar to the Apache
web server configuration for ~/public_html/ directories and
allowing .htaccess files.
The whole reason I'm doing this is to allow individual users
some control over their own XSL transformation sheets. Unfortunately,
it's also opened up a bit of a security concern.
In particular, user's can of course create their own XSP pages
as well. Again, making a parallel to the Apache web server,
there is the <Limit/> tag that can be used to limit what can
be done in a user's own public_html directory. For instance,
not being able to run CGI apps.
[ I'm a wee bit concerned since an end-user, writing their own
XSP pages would have access to any database pools that are
defined in the cocoon.xconf. Or, am I missing something
really obvious here?? ]
Is there a similar mechanism for "limiting" what can be done
in a sub-sitemap? For instance, a <map:limit> tag that
can be used to to express that the "serverpages" generator
cannot be accessed from a sub-sitemap? Or more generally,
to limit components that are accessible by the sub-sitemap?
--
Rick Tessner [EMAIL PROTECTED]
MYRA Systems Corp. Fone: (250) 381 1335 x125 Phax: (250) 381 1304
Cell: (250) 885 9452
"A fast swimmer keeps no pets."
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
