Why don't you add it to the Cocoon CVS? a) general samples block (Petstore, image based auth, ...) b) autentication framework block c) SVG block
I would be +1 for b) and +0,5 for the two others. What do others think? Reinhard > -----Original Message----- > From: Tony Collen [mailto:[EMAIL PROTECTED] > Sent: Thursday, October 30, 2003 10:46 PM > To: [EMAIL PROTECTED] > Subject: Re: Image-Based Authentication > > > Alright, here is the complete guide to how I got image-based > authentication working. I refactored it to not use > interceptions, as well. > > If there are any questions, please ask! :) > > Here is the sitemap snippet: > > <map:match pattern=""> > <map:call function="main"/> > </map:match> > > <map:match pattern="form/*.flow"> > <map:call continuation="{1}"/> > </map:match> > > <map:match pattern="*.jxt"> > <map:generate type="jxt" src="documents/{1}.jxt"/> > <map:serialize type="xhtml"/> > </map:match> > > <map:match pattern="auth/*.jpg"> > <map:call continuation="{1}"> > <map:parameter name="msg" value="image"/> > </map:call> > </map:match> > > <map:match pattern="internal/auth.jpg"> > <map:generate type="jxt" src="documents/auth-jxt.svg"/> > <map:serialize type="svg2jpeg"/> > </map:match> > > > Here is the associated Flowscript: > > > function main() { > > var secret = generateSecret(); > > while (true) { > cocoon.sendPageAndWait("main.jxt", {secret:secret}); > > if (cocoon.parameters.msg == "image") { > cocoon.sendPage("internal/auth.jpg", {text:secret}); > return; > } else { > > var input = cocoon.request.get("secret"); > > if (input == secret) { > break; > } > } > } > > cocoon.sendPage("/image/success.jxt", {secret:secret}); > > } > > function generateSecret() { > > var characters = > "[EMAIL PROTECTED]&*(){}[]<>.,ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"; > > var passwordlength = 7; > > var password = ""; > var randomnumber = 0; > > for (var n = 0; n < passwordlength; n++) { > randomnumber = Math.floor(characters.length*Math.random()); > password += > characters.substring(randomnumber,randomnumber + 1) > } > > return password; > } > > > And here are the appropriate files (mostly jxtemplates): > > main.jxt: > > <?xml version="1.0"?> > <html xmlns:jx="http://apache.org/cocoon/templates/jx/1.0";> > <head> > <title>image authentication</title> > </head> > <body> > > <h1>Image-based authentication</h1> > > <p>As a security measure, please enter the string you > see below.</p> > > <img src="/image/auth/${continuation.id}.jpg"/> > > <form method="post" action="/image/form/${continuation.id}.flow"> > <input type="text" name="secret"/> > <input type="submit"/> > </form> > > > </body> > </html> > > success.jxt: > > <?xml version="1.0"?> > <html xmlns:jx="http://apache.org/cocoon/templates/jx/1.0";> > <head> > <title>image authentication</title> > </head> > <body> > > <h1>Success!</h1> > <p>The code was obviously ${secret}</p> > <p>This sample demonstrates how you would implement an > image-based > authentication using flow and the intercepted flowscript.</p> > <p>This is most commonly used to keep robots or spiders > out of an > area, but > you don't neccesarily care about humans.</p> > > > </body> > </html> > > auth-jxt.svg: > > <?xml version="1.0" encoding="UTF-8"?> > > <svg width="200" height="75"> > <defs> > <filter id="blur2"> > <feGaussianBlur stdDeviation="2"/> > </filter> > </defs> > <g id="imagegroup"> > <text > style="fill:#0086B3;font-size:42;font-family:TrebuchetMS-Bold; > filter:url(#blur2);" > x="0" y="48">${text}</text> > </g> > </svg> > > > > > Regards, > > Tony >
