Does that mean that for every pipeline, the authenticator does a authenticate() call?
> -----Original Message----- > From: news [mailto:[EMAIL PROTECTED] On Behalf Of Jorg Heymans > Sent: Tuesday, September 21, 2004 4:06 PM > To: [EMAIL PROTECTED] > Subject: Re: Cocoon and security (JAAS or J2EE??) > > > > Bart Molenkamp wrote: > > > > I also know that I can protect documents with that framework, but how > > can I specify that only users with a specific role can view that > > document (pipeline)? Do I need to write my own sitemap components for > > that (e.g. an action)? > > Your authenticator class gets called every time a protected pipeline is > accessed. If users need a certain role level, just check their role and > return false if it's not sufficient. > > > Jorg
