Hi,
In case anyone is interested I have it working now, as
follows (see below):
It means that the action is always called (if the
login URI isn't matched) so there could be a
perfromance problem, but there seems to be no other
clean way.
Charlene
<map:pipelines>
<map:pipeline>
<map:match pattern="*login">
<map:generate src="docs/login.html"/>
<map:serialize type="html"/>
</map:match>
<map:match pattern="*login-fail">
<map:generate
src="docs/login_fail.html"/>
<map:serialize type="html"/>
</map:match>
<map:act type="login-action"/>
<map:match pattern="">
etc etc etc
--- Charlene Mitchell <[EMAIL PROTECTED]>
wrote: > Hi,
>
> Okay, I think intercepting the request after
> j_security_check will be a nightmare (and I don't
> want
> to rewrite App Server authentication).
>
> But isn't there any easier way?
>
> E.g. match for * and call an action which checks
> that
> the session attribute is set, else it sets it, and
> then the match is passed on to the specific match,
> such as "*.jsp"
>
> ?
>
> Charlene
>
> --- [EMAIL PROTECTED] wrote: > Make your
> j_security_check an XSP page.
> > In that page, you can store things in the session.
> >
> > Here's the code of a page I use.
> >
> >
> > <?xml version="1.0" encoding="ISO-8859-1"?>
> >
> > <xsp:page language="java"
> > xmlns:xsp="http://apache.org/xsp";
> > xmlns:esql="http://apache.org/cocoon/SQL/v2";
> >
> >
>
xmlns:xsp-request="http://apache.org/xsp/request/2.0";
> >
> >
>
xmlns:xsp-session="http://apache.org/xsp/session/2.0";
> > create-session="true">
> >
> > <html>
> >
> > <esql:connection>
> > <esql:pool>pierrefabre</esql:pool>
> >
> > <esql:execute-query>
> > <esql:query>
> > select * from tblLogin
> > where name =
> > '<xsp-request:get-
> > parameter name="username"/>'
> > and password =
> > '<xsp-request:get-
> > parameter name="password"/>' ;
> > </esql:query>
> >
> > <esql:results>
> > <xsp-session:set-attribute
> > name="user">admin</xsp-
> > session:set-attribute>
> >
> > <body onload="window.location
> > = './../frames.html'"></body>
> > </esql:results>
> >
> > <esql:no-results>
> > <head>
> > <link rel="stylesheet"
> > type="text/css"
> > href="./../css/pierrefabre.css"/>
> > <title>Pierre Fabre
> > M�dicament</title>
> > <meta
> > http-equiv="Content-Type"
> > content="text/html; charset=ISO-8859-1"/>
> > </head>
> >
> > <body class="top" onload="window.alert ('Mot
> de
> > passe ou nom d' + '"' + 'utilisateur ne sont
> > pas corrects') ;
> > window.location = './../admin/password.html'">
> > </body>
> > </esql:no-results>
> > </esql:execute-query>
> >
> > </esql:connection>
> > </html>
> > </xsp:page>
> >
> > Citeren Charlene Mitchell
> <[EMAIL PROTECTED]>:
> > > I use form authentication in my web.xml and my
> > login
> > > page posts to j_security_check
>
> __________________________________________________
> Do You Yahoo!?
> Everything you'll ever need on one web page
> from News and Sport to Email and Music Charts
> http://uk.my.yahoo.com
>
>
---------------------------------------------------------------------
> Please check that your question has not already
> been answered in the
> FAQ before posting.
> <http://xml.apache.org/cocoon/faq/index.html>
>
> To unsubscribe, e-mail:
> <[EMAIL PROTECTED]>
> For additional commands, e-mail:
> <[EMAIL PROTECTED]>
>
__________________________________________________
Do You Yahoo!?
Everything you'll ever need on one web page
from News and Sport to Email and Music Charts
http://uk.my.yahoo.com
---------------------------------------------------------------------
Please check that your question has not already been answered in the
FAQ before posting. <http://xml.apache.org/cocoon/faq/index.html>
To unsubscribe, e-mail: <[EMAIL PROTECTED]>
For additional commands, e-mail: <[EMAIL PROTECTED]>
