On 7/24/2012 10:05 AM, Lars Huttar wrote:
> On 7/24/2012 9:58 AM, Lars Huttar wrote:
>> I wonder if "auth" is the same as "CAuth", which I think refers to
>> org.apache.cocoon.auth package. [0]
>> But I haven't yet found documentation on how to use this package in
>> Cocoon 2.1.11; only JavaDoc pages.
> The package seems to exist in Cocoon 2.1.11 [0]. I wonder if I can use
> the "Cocoon Authentication" documentation from Cocoon 2.2 [1], aside
> from the bean stuff?
I've tried this, following the instructions at [1]. The result I'm
getting is that the resource is not protected; everybody is let in,
regardless.
Here is my configuration.
In cocoon.xconf:
<component class="org.apache.cocoon.auth.impl.PipelineSecurityHandler"
role="org.apache.cocoon.auth.SecurityHandler/ethnopubHandler">
<authentication-resource>cocoon:raw://mount/ethnologue-17-pub/authorize</authentication-resource>
</component>
<component class="org.apache.cocoon.auth.StandardApplication"
role="org.apache.cocoon.auth.Application/ethnopub">
<security-handler>org.apache.cocoon.auth.SecurityHandler/ethnopubHandler</security-handler>
</component>
Some of the above is guesswork, attempting to convert from bean format
to the older Cocoon 2.1.11 format. Can anybody validate it?
In the top-level sitemap.xmap, under <map:components>/<map:actions>:
<!-- for CAuth: (see
http://cocoon.apache.org/2.2/blocks/auth/1.0/1315_1_1.html) -->
<map:action name="cauth-is-logged-in"
src="org.apache.cocoon.auth.acting.LoggedInAction"/>
<map:action name="cauth-login"
src="org.apache.cocoon.auth.acting.LoginAction"/>
<map:action name="cauth-logout"
src="org.apache.cocoon.auth.acting.LogoutAction"/>
(I copied this from the "portal" block's sitemap.)
In the mounted sub-sitemap:
<map:match pattern="dataset/*/*/*/source">
<map:act type="cauth-is-logged-in">
<map:parameter name="application" value="ethnopubapp"
/>
<map:generate src="datasets/query/{1}.xml"/>
<map:serialize type="xml"/>
</map:act>
</map:match>
When I put Cocoon in full DEBUG logging mode, this is the only log
output I get relevant to the authentication of the resource:
DEBUG (2012-07-24) 13:32.52:579 [sitemap]
(/mount/ethnologue-17-pub/dataset/country-header/-/-/source)
catalina-exec-2/LoggedInAction: BEGIN act
resolver=org.apache.cocoon.environment.http.HttpEnvironment@834e7,
objectModel={response=org.apache.cocoon.environment.http.HttpResponse@c92ed6,
source-resolver=org.apache.cocoon.environment.http.HttpEnvironment@834e7,
request=org.apache.cocoon.environment.http.HttpRequest@21f46a,
context=org.apache.cocoon.environment.http.HttpContext@13598c3,
httpresponse=org.apache.catalina.connector.ResponseFacade@1c06a6d,
org.apache.cocoon.components.CocoonComponentManager=org.apache.cocoon.components.EnvironmentDescription@18b3fee,
httpservletcontext=org.apache.catalina.core.ApplicationContextFacade@1125f92,
httprequest=org.apache.catalina.connector.RequestFacade@14096e6},
source=null, par=Parameters[r/w]:{application=ethnopubapp}
DEBUG (2012-07-24) 13:32.52:579 [sitemap]
(/mount/ethnologue-17-pub/dataset/country-header/-/-/source)
catalina-exec-2/LoggedInAction: END act map={}
Nothing in the log indicates that the authentication resource URI
("cocoon:raw://mount/ethnologue-17-pub/authorize") is even being called.
Help, anyone?
BTW I'm cross-posting this to the dev list, because nobody seems to be
responding on the user list. For previous posts in this thread, see
http://cocoon.markmail.org/thread/fgidpmwxrajormjn
Thanks,
Lars
[1] http://cocoon.apache.org/2.2/blocks/auth/1.0/1315_1_1.html
