Mmh, I probably missed something here... I tried what you proposed, but I
get a compilation error. Here's what I did at first, which works correctly:
<map:pipeline>
<map:match pattern="account">
<!-- Makes sure that authentication has been successful -->
<map:act type="session-validator">
<map:parameter name="descriptor"
value="file://config/session-params.xml"/>
<map:parameter name="validate" value="user/login"/>
<!-- The protected content for that match -->
</map:act>
</map:match>
</map:pipeline>
(login is in another pipeline... does it matter?)
And then I tried to reverse the pattern, like this:
<map:pipeline>
<!-- Makes sure that authentication has been successful -->
<map:act type="session-validator">
<map:parameter name="descriptor"
value="file://config/session-params.xml"/>
<map:parameter name="validate" value="user/login"/>
<map:match pattern="account">
<!-- The protected content for that match -->
</map:match>
</map:act>
</map:pipeline>
And I get an error, which is :
Error compiling sitemap_xmap: Line 901, column 6: Undefined variable: param
I had a look to the source code, it's obviously missing the variable
declaration. Did I forget something here?
By the way, I found that the "context://..." specifier as a parameter value
for the action descriptor doesn't work (did I correctly understand that this
sub-protocol is related to the sitemap?), whereas "file://...." does the
trick (I want to specify a path relative to the sitemap its written into).
Thanks,
Pascal.
-----Original Message-----
From: Pascal Davoust [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 13, 2002 10:13 PM
To: [EMAIL PROTECTED]
Subject: RE: [Action] Best practices for authentication
Ok, it was too simple and too obvious for me! That's the way I like problems
to be solved. :)
Thanks!
Pascal.
-----Original Message-----
From: Vadim Gritsenko [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 13, 2002 8:37 PM
To: [EMAIL PROTECTED]
Subject: RE: [Action] Best practices for authentication
> From: Pascal Davoust [mailto:[EMAIL PROTECTED]]
>
> Hi all,
>
> I've been experimenting with Cocoon 2.0.1 (and before that with Cocoon
1,
> but didn't do much with it because of the lack of features more than
> available in C2 now, mainly actions).
> And now I'm wondering about the 'protected' sample in the distro.
>
> Basically, having a page protected by authentication involves an
action
> (DatabaseAuthenitcatorAction, in this case) to check that
authentication was
> successful before serving the resource (understand: page), or redirect
to
> login if authentication failed.
> The pattern for this is basically:
>
> <map:match pattern="matching-pattern">
> <map:act type="session-validator">
> <!-- The protected (needing authentication) content -->
> </map:act>
> <map:redirect-to uri="login"/>
>
> And if I correctly understand, it means that I've got to specify that
schema
> for *every* match I want to protect, right? Seems a bit of overhead to
me
> (may increase the maintenance cost for the sitemap)...
>
> Is there a "smarter" way of doing this? Quite frankly, that's the only
one I
> see (I came to that conclusion myself *before* seing the protected
> sample)... but you guys have zillion times more experience than me
with this
> topic! :)
>
Reverse this, action before match:
<!-- have "login" before action to avoid loop -->
<map:match pattern="login">
...
</map:match>
<map:act type="session-validator">
<!-- The protected (needing authentication) content -->
<map:match pattern="matching-pattern1">
...
</map:match>
<map:match pattern="matching-pattern2">
...
</map:match>
</map:act>
<!-- Nothing is unprotected -->
<map:redirect-to uri="login"/>
(this is supported since 2.0.1)
> By the way, C2 rocks! :)
Thanks!
Vadim
---------------------------------------------------------------------
Please check that your question has not already been answered in the
FAQ before posting. <http://xml.apache.org/cocoon/faqs.html>
To unsubscribe, e-mail: <[EMAIL PROTECTED]>
For additional commands, e-mail: <[EMAIL PROTECTED]>
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
---------------------------------------------------------------------
Please check that your question has not already been answered in the
FAQ before posting. <http://xml.apache.org/cocoon/faqs.html>
To unsubscribe, e-mail: <[EMAIL PROTECTED]>
For additional commands, e-mail: <[EMAIL PROTECTED]>
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
---------------------------------------------------------------------
Please check that your question has not already been answered in the
FAQ before posting. <http://xml.apache.org/cocoon/faqs.html>
To unsubscribe, e-mail: <[EMAIL PROTECTED]>
For additional commands, e-mail: <[EMAIL PROTECTED]>
