Hi Bert,
> -----Original Message-----
> From: Bert Van Kets [mailto:[EMAIL PROTECTED]]
> Sent: Friday, May 03, 2002 10:39 PM
> To: [EMAIL PROTECTED]
> Subject: User authentication and roles
>
>
> I need to use teh roles in the user authentication and have been tying to
> get *something* going all day, with no succes. I've read the
> docs at least
> ten times, but can't find the way to get it going.
> What I need:
> I have several types of users.
> - The simplest ones only can access the member section
> - The authors can only access the section they are responsible for.
>
Is this inside the portal or outside? If inside you can edit the profiles
for the roles, so one role profile has access to a "member" coplet and
another not. In combination with the below mentioned "portal-auth" action
you can secure it this way.
If you are outside the portal, you can use the "auth-protect" action
to secure a pipeline. This action returns (if the user is authenticated)
a map containing several values, for example the role, so you can do
something like this:
<map:match pattern="something">
<!-- protect the pipeline: -->
<map:act type="auth-protect">
<map:parameter name="handler" value="myhandler"/>
<map:select type="parameter">
<map:parameter name="parameter-selector-test" value="{role}"/> <!--
test
the role of the user -->
<map:when test="admin">
<!-- this is an admin, so ... -->
<!-- Insert pipeline commands here -->
</map:when>
<map:otherwise>
<!-- this is not an admin, so ... -->
<!-- Insert pipeline commands here -->
</map:otherwise>
</map:select>
</map:act>
</map:match>
> In a later phase I want to give or restrict access to specific pages, but
> that's not really necessary for the moment.
>
> How do I add/check user roles? In the sitemap a coplet parameter is sent
> to the portal-auth action, but it's not documented.
>
The portal-auth action is document in the portal documentation of the
developer
section. It performs an extra protection of a pipeline, like the normal
"auth-protect" action:
>>>
In this example the coplet is protected by the use of the parameter
tag inside the "portal-auth" action. Only if the user is allowed to
view/configure the coplet with the ID "licencing", he can invoke this
resource.
If this security command is left out, everyone is able to get the resource
by
simply invoking it directly from the browser. However, if the coplet is
protected it is not necessary that a user has choosen that coplet for his
current portal view to invoke the resource. In addition it is possible to
specify the parameter without a specific coplet name. This protects the
resource as a coplet: Only users which are logged in to the portal can view
the
resource.
<<<
So if you have the following in your pipeline:
<map:act type="portal-auth">
<map:parameter name="coplet" value="licencing"/>
</map:act>
only users who can add the "licencing" coplet to their profile can invoke
the corresponding pipeline by hand.
HTH
Carsten
Open Source Group sunShine - b:Integrated
================================================================
Carsten Ziegeler, S&N AG, Klingenderstrasse 5, D-33100 Paderborn
http://www.s-und-n.de mailto: [EMAIL PROTECTED]
----------------------------------------------------------------
The Cocoon Book:
http://www.amazon.com/exec/obidos/ASIN/0735712352/apachecocoona-20
The new weblog homepage: http://ziegeler.bei.t-online.de
================================================================
---------------------------------------------------------------------
Please check that your question has not already been answered in the
FAQ before posting. <http://xml.apache.org/cocoon/faqs.html>
To unsubscribe, e-mail: <[EMAIL PROTECTED]>
For additional commands, e-mail: <[EMAIL PROTECTED]>
