Thanks, I'll look into it as soon as I can.
Best regards,
Geert
On 22 May 2008, at 16:00, Matthias Barmeier wrote:
>
> Hi Geert,
>
> ok added to Jira.
>
> Ciao
> Matthias
>
> Geert Bevin schrieb:
>> Hi Matthias,
>>
>> can you please add it to the Jira issue tracker and describe all this
>> (copy paste of email snippets is ok). Then I wont forget it :-)
>>
>> Thanks!
>>
>> Geert
>>
>> On 22 May 2008, at 15:21, Matthias Barmeier wrote:
>>
>>
>>> Hi Geert,
>>>
>>> perfect. I think this would be (at least for me ;) ) a real good
>>> feature.
>>>
>>> Ciao
>>> Matthias
>>>
>>>
>>>
>>> Geert Bevin schrieb:
>>>
>>>> Hi Matthias,
>>>>
>>>> I was thinking along the same lines, but instead with something
>>>> generic, like:
>>>>
>>>> <property name="role">
>>>> <list>
>>>> <item>Client</item>
>>>> <item>Admin</item>
>>>> </list>
>>>> </property>
>>>>
>>>> This would then create a list with those two item added to it.
>>>>
>>>> When used with Java to build the element, this would even be
>>>> easier:
>>>>
>>>> .addProperty("role", Arrays.asList(new String[] {"Client",
>>>> "Admin"}));
>>>>
>>>> What do you think?
>>>>
>>>> Best regards,
>>>>
>>>> Geert
>>>>
>>>> On 22 May 2008, at 12:51, Matthias Barmeier wrote:
>>>>
>>>>
>>>>
>>>>> Hi Geert,
>>>>>
>>>>> actually I have already implemented the comma separated roles ;).
>>>>> But I
>>>>> thought I have missed something in the docs as usual.
>>>>>
>>>>> I think it is OK to say that roles should not contain a comma. The
>>>>> easiest solution would be to add a property named roles where a
>>>>> comma
>>>>> separated list of roles can be entered. This should solve 98% of
>>>>> the
>>>>> needs.
>>>>>
>>>>> I don't like separators too and the cleanest way I think is
>>>>> something like:
>>>>>
>>>>> <element id="AuthClient" extends="rife/authenticated/
>>>>> memory.xml">
>>>>> <property name="password_encryption">SHA</property>
>>>>> <roles>
>>>>> <role name="Admin"/>
>>>>> <role name="Client"/>
>>>>> </roles>
>>>>> <property name="authvar_type">cookie</property>
>>>>> <property name="template_name">authentication.admin</
>>>>> property>
>>>>> <submission name="credentials">
>>>>> <param name="login"/>
>>>>> <param name="password"/>
>>>>> </submission>
>>>>>
>>>>> <childtrigger name="authid"/>
>>>>> </element>
>>>>>
>>>>> But is it really a restriction to disallow role names with
>>>>> commas ?
>>>>>
>>>>> Ciao
>>>>> Matthias
>>>>>
>>>>>
>>>>> Geert Bevin schrieb:
>>>>>
>>>>>
>>>>>> Hi Matthias,
>>>>>>
>>>>>> properties are key-value pairs, so if you set it multiple times,
>>>>>> the
>>>>>> last one will replace the earlier one. However, I'm surprised
>>>>>> that I
>>>>>> never ran into this multiple role problem before. Now that I
>>>>>> think of
>>>>>> it, I always had clearly defined sections of the sites I
>>>>>> developed
>>>>>> where when authentication was used, there was always one role
>>>>>> that
>>>>>> corresponded. When several roles applied, I always had
>>>>>> information to
>>>>>> show to everyone, and I used the user identification facility
>>>>>> (http://rifers.org/wiki/display/RIFE/User+identification+facility
>>>>>> ).
>>>>>>
>>>>>> Now, you should be able to quite easily support multiple roles
>>>>>> for
>>>>>> authentication elements since you already have a custom
>>>>>> CredentialsManager. You could for instance separate different
>>>>>> roles
>>>>>> with commas and then adapt your verifyCredentials(Credentials)
>>>>>> method
>>>>>> to properly handle the separation of the roles.
>>>>>>
>>>>>> I'd like to support this by default in RIFE though since it seems
>>>>>> like
>>>>>> a shameful oversight. Have to think about how to best do this
>>>>>> in a
>>>>>> backwards compatible way (you never know if someone uses commas
>>>>>> in
>>>>>> his
>>>>>> role names!).
>>>>>>
>>>>>> Hope this helps,
>>>>>>
>>>>>> Geert
>>>>>>
>>>>>>
>>>>>> On 22 May 2008, at 11:34, Matthias Barmeier wrote:
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> My CredentialsManager works perfect evrything looked good but
>>>>>>> now
>>>>>>> I am
>>>>>>> stuck again. I have an Element that can be used from admins and
>>>>>>> users. I
>>>>>>> defined this with:
>>>>>>>
>>>>>>> <element id="AuthClient" extends="rife/authenticated/
>>>>>>> memory.xml">
>>>>>>> <property name="password_encryption">SHA</property>
>>>>>>> <property name="role">Client</property>
>>>>>>> <property name="role">Admin</property>
>>>>>>> <property name="authvar_type">cookie</property>
>>>>>>> <property name="template_name">authentication.admin</
>>>>>>> property>
>>>>>>> <property
>>>>>>> name
>>>>>>> =
>>>>>>> "credentialsmanagerfactory_class
>>>>>>> ">de.sourcepark.ms2.rife.MS2CredentialsManagerFactory</property>
>>>>>>> <submission name="credentials">
>>>>>>> <param name="login"/>
>>>>>>> <param name="password"/>
>>>>>>> </submission>
>>>>>>>
>>>>>>> <childtrigger name="authid"/>
>>>>>>> </element>
>>>>>>>
>>>>>>> and
>>>>>>>
>>>>>>> <element id="CustomerChangePw"
>>>>>>>
>>>>>>> implementation="de.sourcepark.ms2.rife.customer.EditCustomerPw"
>>>>>>> url="/customerchangepw" inherits="AuthClient">
>>>>>>> <inbean name="customer" prefix="pre_"
>>>>>>>
>>>>>>> classname="de.sourcepark.ms2.rife.customer.CBCustomerPwEdit"/>
>>>>>>> <autolink srcexit="CustomerList"/>
>>>>>>> </element>
>>>>>>>
>>>>>>> Everything works fine when I login with accounts that have the
>>>>>>> admin
>>>>>>> rolle assigned to. When I try to login as normal user I always
>>>>>>> get
>>>>>>> an
>>>>>>> invalid credentials error.
>>>>>>>
>>>>>>> When debugging my CredentialsManager I checked the credentials I
>>>>>>> get
>>>>>>> as
>>>>>>> parameter in the verifyCredentials method the credentials with
>>>>>>> password
>>>>>>> and username as expected but the role is always set to Admin.
>>>>>>> When I
>>>>>>> remove the Admin role form the AuthClient element the role is
>>>>>>> always
>>>>>>> set
>>>>>>> to Client. Shouldn' t the credentials given containing all the
>>>>>>> roles
>>>>>>> allowed for the element ?
>>>>>>>
>>>>>>> Where is my fault ?
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>> --
>>>>>> Geert Bevin
>>>>>> Terracotta - http://www.terracotta.org
>>>>>> Uwyn "Use what you need" - http://uwyn.com
>>>>>> RIFE Java application framework - http://rifers.org
>>>>>> Music and words - http://gbevin.com
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>> --
>>>> Geert Bevin
>>>> Terracotta - http://www.terracotta.org
>>>> Uwyn "Use what you need" - http://uwyn.com
>>>> RIFE Java application framework - http://rifers.org
>>>> Music and words - http://gbevin.com
>>>>
>>>>
>>>>
>>>
>>
>> --
>> Geert Bevin
>> Terracotta - http://www.terracotta.org
>> Uwyn "Use what you need" - http://uwyn.com
>> RIFE Java application framework - http://rifers.org
>> Music and words - http://gbevin.com
>>
>>
>>>
>>
>
>
> >
--
Geert Bevin
Terracotta - http://www.terracotta.org
Uwyn "Use what you need" - http://uwyn.com
RIFE Java application framework - http://rifers.org
Music and words - http://gbevin.com
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"rife-users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/rife-users?hl=en
-~----------~----~----~----~------~----~------~--~---
