Ok, it was too simple and too obvious for me! That's the way I like problems
to be solved. :)
Thanks!
Pascal.
-----Original Message-----
From: Vadim Gritsenko [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 13, 2002 8:37 PM
To: [EMAIL PROTECTED]
Subject: RE: [Action] Best practices for authentication
> From: Pascal Davoust [mailto:[EMAIL PROTECTED]]
>
> Hi all,
>
> I've been experimenting with Cocoon 2.0.1 (and before that with Cocoon
1,
> but didn't do much with it because of the lack of features more than
> available in C2 now, mainly actions).
> And now I'm wondering about the 'protected' sample in the distro.
>
> Basically, having a page protected by authentication involves an
action
> (DatabaseAuthenitcatorAction, in this case) to check that
authentication was
> successful before serving the resource (understand: page), or redirect
to
> login if authentication failed.
> The pattern for this is basically:
>
> <map:match pattern="matching-pattern">
> <map:act type="session-validator">
> <!-- The protected (needing authentication) content -->
> </map:act>
> <map:redirect-to uri="login"/>
>
> And if I correctly understand, it means that I've got to specify that
schema
> for *every* match I want to protect, right? Seems a bit of overhead to
me
> (may increase the maintenance cost for the sitemap)...
>
> Is there a "smarter" way of doing this? Quite frankly, that's the only
one I
> see (I came to that conclusion myself *before* seing the protected
> sample)... but you guys have zillion times more experience than me
with this
> topic! :)
>
Reverse this, action before match:
<!-- have "login" before action to avoid loop -->
<map:match pattern="login">
...
</map:match>
<map:act type="session-validator">
<!-- The protected (needing authentication) content -->
<map:match pattern="matching-pattern1">
...
</map:match>
<map:match pattern="matching-pattern2">
...
</map:match>
</map:act>
<!-- Nothing is unprotected -->
<map:redirect-to uri="login"/>
(this is supported since 2.0.1)
> By the way, C2 rocks! :)
Thanks!
Vadim
---------------------------------------------------------------------
Please check that your question has not already been answered in the
FAQ before posting. <http://xml.apache.org/cocoon/faqs.html>
To unsubscribe, e-mail: <[EMAIL PROTECTED]>
For additional commands, e-mail: <[EMAIL PROTECTED]>
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
---------------------------------------------------------------------
Please check that your question has not already been answered in the
FAQ before posting. <http://xml.apache.org/cocoon/faqs.html>
To unsubscribe, e-mail: <[EMAIL PROTECTED]>
For additional commands, e-mail: <[EMAIL PROTECTED]>
