you might have a look at JetSpeed sources; specifically
at a class that extends TemplateSessionValidator.
Also set the default login page to null in TR.props.
jakob
On Wed, Jun 26, 2002 at 02:39:18PM +0100, Alex McLintock wrote:
>
> I am trying to find out the "proper" way to do anonymous users. I've been
> looking through the docs, and mail list archives and I'm seeing conflicting
> - or vague info.
>
> Imagine say I have a public web enabled database where most people can
> search and view for free without registration as a user. Admin Users do
> need to be a registered and logged in user to perform administration functions.
>
> I initially made all my screens and actions subclasses of SecureScreen and
> SecureAction by following the newapp example but of course some pages don't
> have to be secure. I have two choices as far as I can see.
>
> Option 1)
> I can change the relevant java classes to be subclasses of VelocityScreen
> and Velocity Action.
>
> Option 2)
> I can ammend the isAuthorized method of SecureScreen and SecureAction so
> that the user is automatically logged in as "Visitor" a special user I
> create for the normal user.
>
> Are either of these correct?
>
> With option 1 : does the user have a session ?
> With option 2 : do the users have separate sessions or do they share one?
>
> I am currently trying option 2 but I seem to have problems with sessions
> not working properly....
>
>
>
> PS I am using TUrbine 2.1 and Tomcat 4.0.something in case that makes a big
> difference....
>
> Here is an example of the modified "isAuthorized" I am trying.
>
> protected boolean isAuthorized( RunData data ) throws Exception
> {
> boolean isAuthorized = false;
> AccessControlList acl = data.getACL();
> if (acl==null || ! acl.hasRole("turbine_root"))
> {
> try{
> Log.info("Attempting to setup a default login");
> // Alex's suggestion -->
> TurbineUser anonUser = (TurbineUser) TurbineSecurity.
> getAuthenticatedUser("visitor","visitor");
> if(anonUser != null) {
> Log.info("Attempting to login as user visitor");
> anonUser.setHasLoggedIn(new Boolean(true));
> data.setUser(anonUser);
> }else {
> Log.info("but unfortunately we redirect to the login
> screen")
> data.setScreenTemplate(
> TurbineResources.getString("template.login"));
> isAuthorized = false;
> }
> } catch (Exception e) {
> Log.error("When trying to set user as anonymous : " +
> e.toString());
> }
> }
> else if(acl.hasRole("turbine_root"))
> {
> isAuthorized = true;
> }
> return isAuthorized;
> }
>
> Alex
>
>
>
> Openweb Analysts Ltd, London: Software For Complex Websites
> http://www.OWAL.co.uk/
> Free Consultancy for London Companies thinking of Open Source Software.
>
>
> --
> To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
