Ugo Cei wrote: > [I posted this message on cocoon-users two days ago, but got no reply. > I hope you don't mind if I "escalate" this ;-)] > > Hi people, > > let's say you have a website with an administrative section that is > protected using the Authentication Framework: > > <map:match pattern="admin/**"> > > <map:act type="auth-protect"> > <map:parameter name="handler" value="authhandler"/> > > <map:match pattern="admin/newuser"> > ... > </map:match> > > <map:match pattern="admin/deluser"> > ... > </map:match> > > <!-- more matchers here --> > > </map:act> > > <!-- > - if the user is not authenticated, > - redirect him to the login page > --> > <map:redirect-to uri="login"/> > > </map:match> > > The problem here is that when someone requests an URI like > "admin/this-uri-does-not-match-anything", they are redirected to the > login page. I'd like to generate a "404 Not Found" result code > instead, and possibly have it trapped by the map:handle-errors block.
Do you think it's good for non authenticated users to even know that a particular URI in a protected part of the URI space exists or not ? I would say no (or tell us your use case), and then your sitemap is just fine... > I'm using C2.1-dev and I see there's a NotifyingGenerator, but I > cannot figure out whether it would be useful in this case and how to > use it. This generator is hard-coded as the start of the handle-errors pipeline, so you can't do anything with it. Sylvain -- Sylvain Wallez Anyware Technologies Apache Cocoon http://www.anyware-tech.com mailto:[EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, email: [EMAIL PROTECTED]
