> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, July 04, 2002 11:21 AM
> To: [EMAIL PROTECTED]
> Subject: Antwort: RE: Authentication Framework
>
>
> Could a possible solution be to create a "Authentication Error" session
> context,
> which stores the Error xml and so can then be accessed?
>
Yes, this was the old implementation, but usually you don't want to create
a session for a not authenticated user. Creating a session is a time
consuming
and memory waisting operation which should be avoided.
But, you don't have to make a redirect if the authentication is not
successful,
for example:
<map:match pattern="do-login">
<!-- try to login -->
<map:act type="auth-login">
<map:parameter name="handler" value="demohandler"/>
<map:parameter name="parameter_name" value="request:username"/>
<map:redirect-to uri="protected"/>
</map:act>
<!-- something was wrong, try it again -->
<map:generate src="failed.xml"/>
...
</map:serialize>
</map:match>
It is possible to change the authentication framework so that it creates a
temporary
context if the authentication fails. A temporary context is a context which
has
the lifetime of a request and therefore needs no session.
What do you think of this?
Carsten
Carsten Ziegeler Chief Architect Open Source Group, S&N AG
------------------------------------------------------------------
Cocoon Consulting, Training and Projects
------------------------------------------------------------------
mailto:[EMAIL PROTECTED] http://www.s-und-n.de
http://ziegeler.bei.t-online.de
---------------------------------------------------------------------
Please check that your question has not already been answered in the
FAQ before posting. <http://xml.apache.org/cocoon/faq/index.html>
To unsubscribe, e-mail: <[EMAIL PROTECTED]>
For additional commands, e-mail: <[EMAIL PROTECTED]>
