Hi all, Has anyone experience with the following:
An external sso login module Resources in repository should be protected on a role based level. Resources can not be published to special url so smart url matching is not an option. Meta-data of resource contains data telling how data is protected. Obvious options such as Cocoon's Authentication Framework and CoWarp seem to be insufficient. Another option dealing with Acegi seems to be appear the way to go. All we need to do is to configure Acegi as filter and make an action in Cocoon checking if the authorization requirements are met. In flow script this done through Acegi classes. In case a user is not logged in or has insufficient access a proper exception is thrown, which will be picked up by the Acegi filter. This way access to resources is not hardcoded into a sitemap as which is the case with the other mentioned frameworks. Grtz, Aede _________________________________________________________________ Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/******************************************** Hippocms-dev: Hippo CMS development public mailinglist
