Stefano Mazzocchi wrote:
> Berin Loritsch wrote:
>>The problem with the first two is that you are dealing with cear-text (or a base-64
>>representation of it)--not very secure. Also you are limited to username/password.
>>We have very sophisticated session management tools at our disposal these days, and
>>it might be worth playing around with Cocoon based authentication modules--or
>possibly
>>even a wrapper around JAAS.
>>
>>The problem is now you need to be able to explicitly raise the "401 Unauthorized"
>>HTTP response if they get it wrong. The current Sitemap topology CANNOT do this.
>>It can at best give you "404" and "500" automatically--but nothing more expressive.
>>
>
> I see. Sounds very powerful and elegant.
>
> But what about <map:throw error="404"> instead? "generate-error"
> conflicts semantically with the generators.
Actually, that seems a bit better. It is more in line with the concept of throwing
an exception.
<map:throw error="404"/> +1
>>Actually that is exactly what I was proposing :)
>>
>>It should probably live in Excalibur--which is getting quite big. We might
>>have to investigate breaking it into smaller swords as a packaging option ;p.
>>
>
> Sounds great to me. Are you volunteering? ;-)
The time, the time!
Seriously, I can do it as it is a fairly trivial component. Question, do you
want a run-time system to be able to dynamically add mime-types to the system?
--
"They that give up essential liberty to obtain a little temporary safety
deserve neither liberty nor safety."
- Benjamin Franklin
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
