RE: How to make some tamplet public (ie no login requiered)

Mon, 25 Feb 2002 09:17:49 -0800 

In TemplateSessionValidator, doPerform
(http://cvs.apache.org/viewcvs/jakarta-turbine-2/src/java/org/apache/turbine
/modules/actions/sessionvalidator/TemplateSessionValidator.java?rev=1.3&cont
ent-type=text/vnd.viewcvs-markupthere) is the following code:


       // The user may have not logged in, so create a "guest" user.
        if ( data.getUser() == null )
        {
            data.setUser(TurbineSecurity.getAnonymousUser());
            data.save();
        }

Could I make use of that ? If yes how does it work ?
Thanks,
Benjamin
-----Original Message-----
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
che.org]On Behalf Of Jason van Zyl
Sent: 25 February 2002 17:21
To: Turbine Users List
Subject: Re: How to make some tamplet public (ie no login requiered)


On Mon, 2002-02-25 at 12:10, Benjamin Hille wrote:
> Hello,
> I am using the TDK for Turbine 2.1, and I cannot find a way of making part
> of my layout/template public.
> Most of my aplication needs logging to be used but, i have a part which
must
> be freely accessible also this part has his own layout.
> Thanks in advance for your help.

With Turbine 2.x all the session validators require security (which I'm
sure you've discovered now) ... So what I would recommend in a 2.x
environment is to create a SessionValidator that can take a peek at the
URL before doing anything. You can probably make something using a
simple string comparison (or even a regular expression) and if it's a
path that doesn't require security then by pass security.

You can probably modify one this file:

http://cvs.apache.org/viewcvs/jakarta-turbine-2/src/java/org/apache/turbine/
modules/actions/sessionvalidator/TemplateSecureSessionValidator.java?rev=1.3
&content-type=text/vnd.viewcvs-markup

Before the data.populate() you could do something like:

-> get url path
-> get a list of insecure paths from the TRP
-> if you get a match bypass security otherwise use security

Let me know if you need further help, this might be a class worth
introducing into the t2 branch.

> Benjamin
>
>
> --
> To unsubscribe, e-mail:
<mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail:
<mailto:[EMAIL PROTECTED]>
--
jvz.

Jason van Zyl
[EMAIL PROTECTED]

http://tambora.zenplex.org


--
To unsubscribe, e-mail:
<mailto:[EMAIL PROTECTED]>
For additional commands, e-mail:
<mailto:[EMAIL PROTECTED]>



--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Reply via email to