Hi Geert,
perfect. I think this would be (at least for me ;) ) a real good feature.
Ciao
Matthias
Geert Bevin schrieb:
> Hi Matthias,
>
> I was thinking along the same lines, but instead with something
> generic, like:
>
> <property name="role">
> <list>
> <item>Client</item>
> <item>Admin</item>
> </list>
> </property>
>
> This would then create a list with those two item added to it.
>
> When used with Java to build the element, this would even be easier:
>
> .addProperty("role", Arrays.asList(new String[] {"Client", "Admin"}));
>
> What do you think?
>
> Best regards,
>
> Geert
>
> On 22 May 2008, at 12:51, Matthias Barmeier wrote:
>
>
>> Hi Geert,
>>
>> actually I have already implemented the comma separated roles ;).
>> But I
>> thought I have missed something in the docs as usual.
>>
>> I think it is OK to say that roles should not contain a comma. The
>> easiest solution would be to add a property named roles where a comma
>> separated list of roles can be entered. This should solve 98% of the
>> needs.
>>
>> I don't like separators too and the cleanest way I think is
>> something like:
>>
>> <element id="AuthClient" extends="rife/authenticated/
>> memory.xml">
>> <property name="password_encryption">SHA</property>
>> <roles>
>> <role name="Admin"/>
>> <role name="Client"/>
>> </roles>
>> <property name="authvar_type">cookie</property>
>> <property name="template_name">authentication.admin</
>> property>
>> <submission name="credentials">
>> <param name="login"/>
>> <param name="password"/>
>> </submission>
>>
>> <childtrigger name="authid"/>
>> </element>
>>
>> But is it really a restriction to disallow role names with commas ?
>>
>> Ciao
>> Matthias
>>
>>
>> Geert Bevin schrieb:
>>
>>> Hi Matthias,
>>>
>>> properties are key-value pairs, so if you set it multiple times, the
>>> last one will replace the earlier one. However, I'm surprised that I
>>> never ran into this multiple role problem before. Now that I think of
>>> it, I always had clearly defined sections of the sites I developed
>>> where when authentication was used, there was always one role that
>>> corresponded. When several roles applied, I always had information to
>>> show to everyone, and I used the user identification facility
>>> (http://rifers.org/wiki/display/RIFE/User+identification+facility
>>> ).
>>>
>>> Now, you should be able to quite easily support multiple roles for
>>> authentication elements since you already have a custom
>>> CredentialsManager. You could for instance separate different roles
>>> with commas and then adapt your verifyCredentials(Credentials) method
>>> to properly handle the separation of the roles.
>>>
>>> I'd like to support this by default in RIFE though since it seems
>>> like
>>> a shameful oversight. Have to think about how to best do this in a
>>> backwards compatible way (you never know if someone uses commas in
>>> his
>>> role names!).
>>>
>>> Hope this helps,
>>>
>>> Geert
>>>
>>>
>>> On 22 May 2008, at 11:34, Matthias Barmeier wrote:
>>>
>>>
>>>
>>>> Hi,
>>>>
>>>> My CredentialsManager works perfect evrything looked good but now
>>>> I am
>>>> stuck again. I have an Element that can be used from admins and
>>>> users. I
>>>> defined this with:
>>>>
>>>> <element id="AuthClient" extends="rife/authenticated/
>>>> memory.xml">
>>>> <property name="password_encryption">SHA</property>
>>>> <property name="role">Client</property>
>>>> <property name="role">Admin</property>
>>>> <property name="authvar_type">cookie</property>
>>>> <property name="template_name">authentication.admin</
>>>> property>
>>>> <property
>>>> name
>>>> =
>>>> "credentialsmanagerfactory_class
>>>> ">de.sourcepark.ms2.rife.MS2CredentialsManagerFactory</property>
>>>> <submission name="credentials">
>>>> <param name="login"/>
>>>> <param name="password"/>
>>>> </submission>
>>>>
>>>> <childtrigger name="authid"/>
>>>> </element>
>>>>
>>>> and
>>>>
>>>> <element id="CustomerChangePw"
>>>>
>>>> implementation="de.sourcepark.ms2.rife.customer.EditCustomerPw"
>>>> url="/customerchangepw" inherits="AuthClient">
>>>> <inbean name="customer" prefix="pre_"
>>>>
>>>> classname="de.sourcepark.ms2.rife.customer.CBCustomerPwEdit"/>
>>>> <autolink srcexit="CustomerList"/>
>>>> </element>
>>>>
>>>> Everything works fine when I login with accounts that have the admin
>>>> rolle assigned to. When I try to login as normal user I always get
>>>> an
>>>> invalid credentials error.
>>>>
>>>> When debugging my CredentialsManager I checked the credentials I get
>>>> as
>>>> parameter in the verifyCredentials method the credentials with
>>>> password
>>>> and username as expected but the role is always set to Admin. When I
>>>> remove the Admin role form the AuthClient element the role is always
>>>> set
>>>> to Client. Shouldn' t the credentials given containing all the roles
>>>> allowed for the element ?
>>>>
>>>> Where is my fault ?
>>>>
>>>>
>>> --
>>> Geert Bevin
>>> Terracotta - http://www.terracotta.org
>>> Uwyn "Use what you need" - http://uwyn.com
>>> RIFE Java application framework - http://rifers.org
>>> Music and words - http://gbevin.com
>>>
>>>
>>>
>
> --
> Geert Bevin
> Terracotta - http://www.terracotta.org
> Uwyn "Use what you need" - http://uwyn.com
> RIFE Java application framework - http://rifers.org
> Music and words - http://gbevin.com
>
>
> >
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"rife-users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/rife-users?hl=en
-~----------~----~----~----~------~----~------~--~---
