Date: 2004-07-17T03:36:31 Editor: JoergHeinicke <[EMAIL PROTECTED]> Wiki: Cocoon Wiki Page: AuthFWWithFlow URL: http://wiki.apache.org/cocoon/AuthFWWithFlow
point to Cocoon samples Change Log: ------------------------------------------------------------------------------ @@ -1,368 +1 @@ -I cannot find the information I've used to create authentication using flow rather than actions, so I've decided to create this page with all info together. See [http://cocoon.apache.org/2.1/developing/webapps/authentication.html Authentication Framework] for background info. - -Of course, credit is due to anyone who recognizes this as his/hers. - -Helma - -=== Sitemap === - -{{{ -<?xml version="1.0" encoding="UTF-8"?> -<map:sitemap xmlns:map="http://apache.org/cocoon/sitemap/1.0";> - -...snip... - -<map:components> - <map:resources> - <!-- ========================================= --> - <!-- html-layout - handles the conversion to html --> - <!-- ========================================= --> - <map:resource name="html-layout"> - <map:transform src="stylesheets/layout.xslt"/> - <map:serialize type="html"/> - </map:resource> - </map:resources> - <!-- ========================================= --> - <!-- flow scripts --> - <!-- ========================================= --> - <map:flow language="javascript"> - <map:script src="system/scripts/login.js"/> - <map:script src="system/scripts/flowscripts.js"/> - </map:flow> - <map:pipelines> - <!-- ========================================= --> - <!-- flowAuthenticationHandler configuration --> - <!-- ========================================= --> - <map:component-configurations> - <authentication-manager> - <handlers> - <handler name="flowAuthenticationHandler"> - <!-- redirect-to uri="cocoon:/login"/> --> - <!-- above should work, but doesn't because of bug in Cocoon 2.1.4-dev - (prerelease), haven't checked since release --> - <redirect-to uri="/myapp/login"/> - <authentication uri="cocoon:raw:/authenticate"/> - </handler> - </handlers> - </authentication-manager> - </map:component-configurations> - <map:pipeline> - <!-- ========================================= --> - <!-- flow script continuations --> - <!-- ========================================= --> - <map:match pattern="**/*.continue"> - <map:call continuation="{2}"/> - </map:match> - <map:match pattern="*.continue"> - <map:call continuation="{1}"/> - </map:match> - <!-- ========================================= --> - <!-- about - information about the --> - <!-- project and credits --> - <!-- ========================================= --> - <map:match pattern="about.html"> - <map:call function="isLoggedIn"> - <map:parameter name="handler" value="flowAuthenticationHandler"/> - <map:parameter name="protected-redirect" - value="general/about.form"/> - <map:parameter name="failure-redirect" value="about"/> - </map:call> - </map:match> - <map:match pattern="about"> - <map:generate src="content/about.xml"/> - <map:call resource="html-layout"/> - </map:match> - <!-- ========================================= --> - <!-- news - news about the project --> - <!-- ========================================= --> - <map:match pattern="news.html"> - <map:call function="isLoggedIn"> - <map:parameter name="handler" value="flowAuthenticationHandler"/> - <map:parameter name="protected-redirect" value="general/news.form"/> - <map:parameter name="failure-redirect" value="news"/> - </map:call> - </map:match> - <map:match pattern="news"> - <map:generate src="content/news.xml"/> - <map:call resource="html-layout"/> - </map:match> - <!-- ========================================= --> - <!-- main pipeline for general pages --> - <!-- ========================================= --> - <map:match pattern="general/**"> - <map:call function="protect"> - <map:parameter name="handler" value="flowAuthenticationHandler"/> - <map:parameter name="protected-internal" value="internal/{1}"/> - <map:parameter name="failure-redirect" value="login"/> - <map:parameter name="failure-error" value="Eerst inloggen"/> - </map:call> - </map:match> - </map:pipeline> - <!-- ========================================= --> - <!-- pipeline handling the content of the --> - <!-- protected pages --> - <!-- ========================================= --> - <map:pipeline internal-only="true"> - <map:match pattern="internal/showError.form"> - <map:generate type="jx" src="content/showError.jx"/> - <map:transform type="cinclude"/> - <map:call resource="html-layout"/> - <map:serialize type="xml"/> - </map:match> - <map:match pattern="internal/*.form"> - <map:generate src="content/{1}.xml"/> - <map:transform type="cinclude"/> - <map:call resource="html-layout"/> - </map:match> - -... snip [other pipelines] ... - - <!-- ========================================= --> - <!-- handle "use case" with flow function --> - <!-- ========================================= --> - <map:match pattern="**/protected/**.html"> - <map:call function="prot_{2}"/> - </map:match> - </map:pipeline> - <!-- ========================================= --> - <!-- Authentication pipelines --> - <!-- ========================================= --> - <map:pipeline> - <!-- ========================================= --> - <!-- Redirections for page requests on homepage --> - <!-- ========================================= --> - <map:match pattern=""> - <map:redirect-to session="true" uri="login"/> - </map:match> - <map:match pattern="/"> - <map:redirect-to session="true" uri="login"/> - </map:match> - <map:match pattern="*.html"> - <map:redirect-to session="true" uri="login"/> - </map:match> - <!-- ========================================= --> - <!-- Login page --> - <!-- ========================================= --> - <map:match pattern="login"> - <map:call function="isLoggedIn"> - <map:parameter name="handler" value="flowAuthenticationHandler"/> - <map:parameter name="protected-redirect" value="myFirstProtectedPage.html"/> - <map:parameter name="failure-internal" value="internal/login"/> - </map:call> - </map:match> - <!-- ========================================= --> - <!-- Form target which performs auth service --> - <!-- ========================================= --> - <map:match pattern="do-login"> - <!-- try to login --> - <map:call function="login"> - <map:parameter name="handler" value="flowAuthenticationHandler"/> - <map:parameter name="parameter_name" value="{request-param:username}"/> - <map:parameter name="parameter_password" value="{request-param:password}"/> - <map:parameter name="protected-redirect" value="myFirstProtectedPage.html"/> - <map:parameter name="failure-redirect" value="login"/> - </map:call> - </map:match> - <!-- ========================================= --> - <!-- Logout link which invalidates the session --> - <!-- ========================================= --> - <map:match pattern="do-logout"> - <map:call function="logout"> - <map:parameter name="handler" value="flowAuthenticationHandler"/> - <map:parameter name="failure-redirect" value="login"/> - </map:call> - </map:match> - </map:pipeline> - <map:pipeline internal-only="true"> - <!-- ========================================= --> - <!-- This is the authentication resource --> - <!-- ========================================= --> - <map:match pattern="authenticate"> - <map:generate src="system/authenticate/userlist.xml"/> - <map:transform src="system/authenticate/authenticate.xslt"> - <map:parameter name="use-request-parameters" value="true"/> - </map:transform> - <map:serialize type="xml"/> - </map:match> - <!-- ========================================= --> - <!-- getUser --> - <!-- put user info in an XML file --> - <!-- ========================================= --> - <map:match pattern="getUser"> - <map:generate src="system/authentication.xml"/> - <map:transform type="session"/> - <map:serialize type="xml"/> - </map:match> - <!-- ========================================= --> - <!-- handle the actual login --> - <!-- ========================================= --> - <map:match pattern="internal/login"> - <map:generate src="content/login.jx" type="jx"/> - <map:transform type="encodeURL"/> - <map:call resource="html-layout"/> - </map:match> - </map:pipeline> - </map:pipelines> -</map:sitemap> -<!-- end of file --> - -}}} - -Note that "about" and "news" are used in different pipelines to allow them to be visible whether or not the user is logged in. In my case the "logged out" version only displays a link to "login", while the "logged in" version displays a sidebar with the other protected pages. - -=== login.js === - -{{{ - -cocoon.load("resource://org/apache/cocoon/webapps/authentication/flow/javascript/auth.js"); - -function isLoggedIn() { - var handler = cocoon.parameters["handler"]; - var resource = cocoon.parameters["resource"]; -// resource contains the URL where the request came from, -// so you can redirect to there - if (auth_isAuthenticated(handler)) { - success(); - } else { - failure(); - } -} - -function protect() { - var handler = cocoon.parameters["handler"]; - - if (auth_checkAuthentication(handler,"")) { - success(); - } else { - // already redirected by auth_checkAuthentication - } -} - -function login() { - var handler = cocoon.parameters["handler"]; - - if (auth_isAuthenticated(handler)) { - success(); - } else if (auth_login(handler, null, cocoon.parameters)) { - success(); - } else { - failure(); - } -} - -function logout() { - var handler = cocoon.parameters["handler"]; - - auth_logout(handler); - failure(); -} - -function success() { - var internal = cocoon.parameters["protected-internal"]; - var redirect = cocoon.parameters["protected-redirect"]; - - if (internal != null) { - cocoon.sendPage(internal); - } else if (redirect != null) { - cocoon.redirectTo(redirect); - } else { - throw new Error("No protected redirection parameter given"); - } -} - -function failure() { - var internal = cocoon.parameters["failure-internal"]; - var redirect = cocoon.parameters["failure-redirect"]; - var errMessage = cocoon.parameters["failure-error"]; - - if (internal != null) { - cocoon.sendPage(internal, {errMsg : errMessage}); - } else if (redirect != null) { - cocoon.redirectTo(redirect); - } else { - // Why does this throw cause an error? - throw new Error("No failure redirection parameter given"); - } -} - -}}} - -=== Authentication.xml === - -{{{ - -<?xml version="1.0" encoding="UTF-8"?> -<authentication xmlns:session="http://apache.org/cocoon/session/1.0"; -> -<session:getxml context="authentication" path="/"/> -</authentication> - -}}} - -=== Authenticate.xslt === - -{{{ -<?xml version="1.0"?> -<!-- $Id: authenticate.xsl,v 1.2 2003/05/03 16:17:59 vgritsenko Exp $ --> -<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform";> - <!-- Get the name from the request paramter --> - <xsl:param name="name"/> - <xsl:param name="password"/> - <xsl:template match="authentication"> - <authentication> - <xsl:apply-templates select="users"/> - </authentication> - </xsl:template> - <!-- ========================================= --> - <!-- users --> - <!-- ========================================= --> - <xsl:template match="users"> - <xsl:apply-templates select="user"/> - </xsl:template> - <!-- ========================================= --> - <!-- user --> - <!-- ========================================= --> - <xsl:template match="user"> - <!-- Compare the name of the user --> - <xsl:if test="normalize-space(name) = $name"> - <xsl:if test="normalize-space(password)=$password"> - <!-- found, so create the ID --> - <ID> - <xsl:value-of select="name"/> - </ID> - <role> - <xsl:value-of select="role"/> - </role> - </xsl:if> - </xsl:if> - </xsl:template> -</xsl:stylesheet> - -}}} - -=== userlist.xml === - -{{{ - -<?xml version="1.0" encoding="ISO-8859-1"?> -<!-- $Id: userlist.xml,v 1.1 2004/04/01 15:25:14 hvanderlinden Exp $ - - Description: All users - ---> -<authentication> - <users> - <user> - <name>[EMAIL PROTECTED]</name> - <role>admin</role> - <password>test123</password> - </user> - <user> - <name>[EMAIL PROTECTED]</name> - <role>guest</role> - <password>guest</password> - </user> - </users> -</authentication> - -}}} +"Authentication Framework with Flow" is now available as sample in your Cocoon installation at http://localhost:8888/samples/blocks/authentication-fw/flow/.
