Hi Geert,
ok added to Jira.
Ciao
Matthias
Geert Bevin schrieb:
> Hi Matthias,
>
> can you please add it to the Jira issue tracker and describe all this
> (copy paste of email snippets is ok). Then I wont forget it :-)
>
> Thanks!
>
> Geert
>
> On 22 May 2008, at 15:21, Matthias Barmeier wrote:
>
>
>> Hi Geert,
>>
>> perfect. I think this would be (at least for me ;) ) a real good
>> feature.
>>
>> Ciao
>> Matthias
>>
>>
>>
>> Geert Bevin schrieb:
>>
>>> Hi Matthias,
>>>
>>> I was thinking along the same lines, but instead with something
>>> generic, like:
>>>
>>> <property name="role">
>>> <list>
>>> <item>Client</item>
>>> <item>Admin</item>
>>> </list>
>>> </property>
>>>
>>> This would then create a list with those two item added to it.
>>>
>>> When used with Java to build the element, this would even be easier:
>>>
>>> .addProperty("role", Arrays.asList(new String[] {"Client",
>>> "Admin"}));
>>>
>>> What do you think?
>>>
>>> Best regards,
>>>
>>> Geert
>>>
>>> On 22 May 2008, at 12:51, Matthias Barmeier wrote:
>>>
>>>
>>>
>>>> Hi Geert,
>>>>
>>>> actually I have already implemented the comma separated roles ;).
>>>> But I
>>>> thought I have missed something in the docs as usual.
>>>>
>>>> I think it is OK to say that roles should not contain a comma. The
>>>> easiest solution would be to add a property named roles where a
>>>> comma
>>>> separated list of roles can be entered. This should solve 98% of the
>>>> needs.
>>>>
>>>> I don't like separators too and the cleanest way I think is
>>>> something like:
>>>>
>>>> <element id="AuthClient" extends="rife/authenticated/
>>>> memory.xml">
>>>> <property name="password_encryption">SHA</property>
>>>> <roles>
>>>> <role name="Admin"/>
>>>> <role name="Client"/>
>>>> </roles>
>>>> <property name="authvar_type">cookie</property>
>>>> <property name="template_name">authentication.admin</
>>>> property>
>>>> <submission name="credentials">
>>>> <param name="login"/>
>>>> <param name="password"/>
>>>> </submission>
>>>>
>>>> <childtrigger name="authid"/>
>>>> </element>
>>>>
>>>> But is it really a restriction to disallow role names with commas ?
>>>>
>>>> Ciao
>>>> Matthias
>>>>
>>>>
>>>> Geert Bevin schrieb:
>>>>
>>>>
>>>>> Hi Matthias,
>>>>>
>>>>> properties are key-value pairs, so if you set it multiple times,
>>>>> the
>>>>> last one will replace the earlier one. However, I'm surprised
>>>>> that I
>>>>> never ran into this multiple role problem before. Now that I
>>>>> think of
>>>>> it, I always had clearly defined sections of the sites I developed
>>>>> where when authentication was used, there was always one role that
>>>>> corresponded. When several roles applied, I always had
>>>>> information to
>>>>> show to everyone, and I used the user identification facility
>>>>> (http://rifers.org/wiki/display/RIFE/User+identification+facility
>>>>> ).
>>>>>
>>>>> Now, you should be able to quite easily support multiple roles for
>>>>> authentication elements since you already have a custom
>>>>> CredentialsManager. You could for instance separate different roles
>>>>> with commas and then adapt your verifyCredentials(Credentials)
>>>>> method
>>>>> to properly handle the separation of the roles.
>>>>>
>>>>> I'd like to support this by default in RIFE though since it seems
>>>>> like
>>>>> a shameful oversight. Have to think about how to best do this in a
>>>>> backwards compatible way (you never know if someone uses commas in
>>>>> his
>>>>> role names!).
>>>>>
>>>>> Hope this helps,
>>>>>
>>>>> Geert
>>>>>
>>>>>
>>>>> On 22 May 2008, at 11:34, Matthias Barmeier wrote:
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> My CredentialsManager works perfect evrything looked good but now
>>>>>> I am
>>>>>> stuck again. I have an Element that can be used from admins and
>>>>>> users. I
>>>>>> defined this with:
>>>>>>
>>>>>> <element id="AuthClient" extends="rife/authenticated/
>>>>>> memory.xml">
>>>>>> <property name="password_encryption">SHA</property>
>>>>>> <property name="role">Client</property>
>>>>>> <property name="role">Admin</property>
>>>>>> <property name="authvar_type">cookie</property>
>>>>>> <property name="template_name">authentication.admin</
>>>>>> property>
>>>>>> <property
>>>>>> name
>>>>>> =
>>>>>> "credentialsmanagerfactory_class
>>>>>> ">de.sourcepark.ms2.rife.MS2CredentialsManagerFactory</property>
>>>>>> <submission name="credentials">
>>>>>> <param name="login"/>
>>>>>> <param name="password"/>
>>>>>> </submission>
>>>>>>
>>>>>> <childtrigger name="authid"/>
>>>>>> </element>
>>>>>>
>>>>>> and
>>>>>>
>>>>>> <element id="CustomerChangePw"
>>>>>>
>>>>>> implementation="de.sourcepark.ms2.rife.customer.EditCustomerPw"
>>>>>> url="/customerchangepw" inherits="AuthClient">
>>>>>> <inbean name="customer" prefix="pre_"
>>>>>>
>>>>>> classname="de.sourcepark.ms2.rife.customer.CBCustomerPwEdit"/>
>>>>>> <autolink srcexit="CustomerList"/>
>>>>>> </element>
>>>>>>
>>>>>> Everything works fine when I login with accounts that have the
>>>>>> admin
>>>>>> rolle assigned to. When I try to login as normal user I always get
>>>>>> an
>>>>>> invalid credentials error.
>>>>>>
>>>>>> When debugging my CredentialsManager I checked the credentials I
>>>>>> get
>>>>>> as
>>>>>> parameter in the verifyCredentials method the credentials with
>>>>>> password
>>>>>> and username as expected but the role is always set to Admin.
>>>>>> When I
>>>>>> remove the Admin role form the AuthClient element the role is
>>>>>> always
>>>>>> set
>>>>>> to Client. Shouldn' t the credentials given containing all the
>>>>>> roles
>>>>>> allowed for the element ?
>>>>>>
>>>>>> Where is my fault ?
>>>>>>
>>>>>>
>>>>>>
>>>>> --
>>>>> Geert Bevin
>>>>> Terracotta - http://www.terracotta.org
>>>>> Uwyn "Use what you need" - http://uwyn.com
>>>>> RIFE Java application framework - http://rifers.org
>>>>> Music and words - http://gbevin.com
>>>>>
>>>>>
>>>>>
>>>>>
>>> --
>>> Geert Bevin
>>> Terracotta - http://www.terracotta.org
>>> Uwyn "Use what you need" - http://uwyn.com
>>> RIFE Java application framework - http://rifers.org
>>> Music and words - http://gbevin.com
>>>
>>>
>>>
>>
>
> --
> Geert Bevin
> Terracotta - http://www.terracotta.org
> Uwyn "Use what you need" - http://uwyn.com
> RIFE Java application framework - http://rifers.org
> Music and words - http://gbevin.com
>
>
> >
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"rife-users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/rife-users?hl=en
-~----------~----~----~----~------~----~------~--~---
