Hi Matthias,
can you please add it to the Jira issue tracker and describe all this
(copy paste of email snippets is ok). Then I wont forget it :-)
Thanks!
Geert
On 22 May 2008, at 15:21, Matthias Barmeier wrote:
>
> Hi Geert,
>
> perfect. I think this would be (at least for me ;) ) a real good
> feature.
>
> Ciao
> Matthias
>
>
>
> Geert Bevin schrieb:
>> Hi Matthias,
>>
>> I was thinking along the same lines, but instead with something
>> generic, like:
>>
>> <property name="role">
>> <list>
>> <item>Client</item>
>> <item>Admin</item>
>> </list>
>> </property>
>>
>> This would then create a list with those two item added to it.
>>
>> When used with Java to build the element, this would even be easier:
>>
>> .addProperty("role", Arrays.asList(new String[] {"Client",
>> "Admin"}));
>>
>> What do you think?
>>
>> Best regards,
>>
>> Geert
>>
>> On 22 May 2008, at 12:51, Matthias Barmeier wrote:
>>
>>
>>> Hi Geert,
>>>
>>> actually I have already implemented the comma separated roles ;).
>>> But I
>>> thought I have missed something in the docs as usual.
>>>
>>> I think it is OK to say that roles should not contain a comma. The
>>> easiest solution would be to add a property named roles where a
>>> comma
>>> separated list of roles can be entered. This should solve 98% of the
>>> needs.
>>>
>>> I don't like separators too and the cleanest way I think is
>>> something like:
>>>
>>> <element id="AuthClient" extends="rife/authenticated/
>>> memory.xml">
>>> <property name="password_encryption">SHA</property>
>>> <roles>
>>> <role name="Admin"/>
>>> <role name="Client"/>
>>> </roles>
>>> <property name="authvar_type">cookie</property>
>>> <property name="template_name">authentication.admin</
>>> property>
>>> <submission name="credentials">
>>> <param name="login"/>
>>> <param name="password"/>
>>> </submission>
>>>
>>> <childtrigger name="authid"/>
>>> </element>
>>>
>>> But is it really a restriction to disallow role names with commas ?
>>>
>>> Ciao
>>> Matthias
>>>
>>>
>>> Geert Bevin schrieb:
>>>
>>>> Hi Matthias,
>>>>
>>>> properties are key-value pairs, so if you set it multiple times,
>>>> the
>>>> last one will replace the earlier one. However, I'm surprised
>>>> that I
>>>> never ran into this multiple role problem before. Now that I
>>>> think of
>>>> it, I always had clearly defined sections of the sites I developed
>>>> where when authentication was used, there was always one role that
>>>> corresponded. When several roles applied, I always had
>>>> information to
>>>> show to everyone, and I used the user identification facility
>>>> (http://rifers.org/wiki/display/RIFE/User+identification+facility
>>>> ).
>>>>
>>>> Now, you should be able to quite easily support multiple roles for
>>>> authentication elements since you already have a custom
>>>> CredentialsManager. You could for instance separate different roles
>>>> with commas and then adapt your verifyCredentials(Credentials)
>>>> method
>>>> to properly handle the separation of the roles.
>>>>
>>>> I'd like to support this by default in RIFE though since it seems
>>>> like
>>>> a shameful oversight. Have to think about how to best do this in a
>>>> backwards compatible way (you never know if someone uses commas in
>>>> his
>>>> role names!).
>>>>
>>>> Hope this helps,
>>>>
>>>> Geert
>>>>
>>>>
>>>> On 22 May 2008, at 11:34, Matthias Barmeier wrote:
>>>>
>>>>
>>>>
>>>>> Hi,
>>>>>
>>>>> My CredentialsManager works perfect evrything looked good but now
>>>>> I am
>>>>> stuck again. I have an Element that can be used from admins and
>>>>> users. I
>>>>> defined this with:
>>>>>
>>>>> <element id="AuthClient" extends="rife/authenticated/
>>>>> memory.xml">
>>>>> <property name="password_encryption">SHA</property>
>>>>> <property name="role">Client</property>
>>>>> <property name="role">Admin</property>
>>>>> <property name="authvar_type">cookie</property>
>>>>> <property name="template_name">authentication.admin</
>>>>> property>
>>>>> <property
>>>>> name
>>>>> =
>>>>> "credentialsmanagerfactory_class
>>>>> ">de.sourcepark.ms2.rife.MS2CredentialsManagerFactory</property>
>>>>> <submission name="credentials">
>>>>> <param name="login"/>
>>>>> <param name="password"/>
>>>>> </submission>
>>>>>
>>>>> <childtrigger name="authid"/>
>>>>> </element>
>>>>>
>>>>> and
>>>>>
>>>>> <element id="CustomerChangePw"
>>>>>
>>>>> implementation="de.sourcepark.ms2.rife.customer.EditCustomerPw"
>>>>> url="/customerchangepw" inherits="AuthClient">
>>>>> <inbean name="customer" prefix="pre_"
>>>>>
>>>>> classname="de.sourcepark.ms2.rife.customer.CBCustomerPwEdit"/>
>>>>> <autolink srcexit="CustomerList"/>
>>>>> </element>
>>>>>
>>>>> Everything works fine when I login with accounts that have the
>>>>> admin
>>>>> rolle assigned to. When I try to login as normal user I always get
>>>>> an
>>>>> invalid credentials error.
>>>>>
>>>>> When debugging my CredentialsManager I checked the credentials I
>>>>> get
>>>>> as
>>>>> parameter in the verifyCredentials method the credentials with
>>>>> password
>>>>> and username as expected but the role is always set to Admin.
>>>>> When I
>>>>> remove the Admin role form the AuthClient element the role is
>>>>> always
>>>>> set
>>>>> to Client. Shouldn' t the credentials given containing all the
>>>>> roles
>>>>> allowed for the element ?
>>>>>
>>>>> Where is my fault ?
>>>>>
>>>>>
>>>> --
>>>> Geert Bevin
>>>> Terracotta - http://www.terracotta.org
>>>> Uwyn "Use what you need" - http://uwyn.com
>>>> RIFE Java application framework - http://rifers.org
>>>> Music and words - http://gbevin.com
>>>>
>>>>
>>>>
>>
>> --
>> Geert Bevin
>> Terracotta - http://www.terracotta.org
>> Uwyn "Use what you need" - http://uwyn.com
>> RIFE Java application framework - http://rifers.org
>> Music and words - http://gbevin.com
>>
>>
>>>
>>
>
>
> >
--
Geert Bevin
Terracotta - http://www.terracotta.org
Uwyn "Use what you need" - http://uwyn.com
RIFE Java application framework - http://rifers.org
Music and words - http://gbevin.com
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"rife-users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/rife-users?hl=en
-~----------~----~----~----~------~----~------~--~---
