Per Kreipke wrote: > > > I think, two users have reported this on the user list some months ago. > > > > Carsten > > Sorry, meaning what? Someone else mentioned it or did the work to > integrate > the two? I can't find anything about it on the MARC archive. > Sorry, I had little time yesterday..so I only wrote short mails... Yes, someone mentioned it and integrated it. I don't know how he did it.
Basically, this approach should work: The container managed security is outside of Cocoon, so if a protected document is called and the request enters Cocoon, the user must be authenticatd. Otherwise the contained would have denied the access. Now, you can write an automatically log-in handler for Cocoon. For the protected document, test if the usre is already logged-in via the handler. If so, serve the document. If the user is not logged-in via the handler (but then he is already authorized by the container) you can invoke the login-action and write an authentication pipeline for the handler which does nothing more than getting the user, roles, principles from the container and returning them to the handler. That's it. I must confess, that you have to write a simple authentication pipeline for it - I think spending 4 hours on it would be enough and you have the container integration. HTH Carsten > I was thinking that one way to do so would be to satisfy the login request > with an XSP page that enumerates the <authentication> block with > the values > of getRemoteUser(), the roles, etc. > > Per > > > > -----Original Message----- > > > From: Per Kreipke [mailto:[EMAIL PROTECTED]] > > > Sent: Wednesday, August 07, 2002 9:24 PM > > > To: [EMAIL PROTECTED] > > > Subject: SunRise with container managed security... > > > > > > > > > I've had the demo code working and gotten the SunRise > > > authentication to work > > > off static files and am about to try it off a DB. > > > > > > However, what I'm really interested in, since Cocoon isn't the > > > only servlet > > > running, is integrating the SunRise components with the Tomcat > > Realm based > > > security. Has that been done before? > > > > > > Per > > > > > > > > > --------------------------------------------------------------------- > > > Please check that your question has not already been answered in the > > > FAQ before posting. <http://xml.apache.org/cocoon/faq/index.html> > > > > > > To unsubscribe, e-mail: <[EMAIL PROTECTED]> > > > For additional commands, e-mail: <[EMAIL PROTECTED]> > > > > > > > > > --------------------------------------------------------------------- > > Please check that your question has not already been answered in the > > FAQ before posting. <http://xml.apache.org/cocoon/faq/index.html> > > > > To unsubscribe, e-mail: <[EMAIL PROTECTED]> > > For additional commands, e-mail: <[EMAIL PROTECTED]> > > > > > > > --------------------------------------------------------------------- > Please check that your question has not already been answered in the > FAQ before posting. <http://xml.apache.org/cocoon/faq/index.html> > > To unsubscribe, e-mail: <[EMAIL PROTECTED]> > For additional commands, e-mail: <[EMAIL PROTECTED]> > --------------------------------------------------------------------- Please check that your question has not already been answered in the FAQ before posting. <http://xml.apache.org/cocoon/faq/index.html> To unsubscribe, e-mail: <[EMAIL PROTECTED]> For additional commands, e-mail: <[EMAIL PROTECTED]>
