Yes, not errors. The order now reads: virtualURI repositoryMapping contentSecurity servlets
However, accessing a protected document in the DMS still just throws a 404. No redirect to login page. Rakesh From: Jan Haderka <[email protected]<mailto:[email protected]>> Reply-To: Magnolia User-List <[email protected]<mailto:[email protected]>> Date: Mon, 16 May 2011 01:46:15 -0500 To: Magnolia User-List <[email protected]<mailto:[email protected]>> Subject: Re: [magnolia-user] Protect DMS resources? yep, as expected, moving both repositoryMapping and contentSecurity filter between virtualURI and servlets filters seems to work fine and didn't produce any errors in my brief test. HTH, Jan On May 16, 2011, at 7:59 AM, Jan Haderka wrote: i see, that's probably because it expects repository mapping ... maybe moving both, repoMapping and contentSecurity would work (I'll try and let you know :D ) Jan On May 13, 2011, at 6:42 PM, Rakesh Vidyadharan wrote: Moving/copying the contentSecurity filter up the chain, makes the application unusable (NPE). I will try and implement the logic from the filter into a custom dms servlet. Thanks Rakesh From: Jan Haderka <[email protected]<mailto:[email protected]>> Reply-To: Magnolia User-List <[email protected]<mailto:[email protected]>> Date: Fri, 13 May 2011 06:12:05 -0500 To: Magnolia User-List <[email protected]<mailto:[email protected]>> Subject: Re: [magnolia-user] Protect DMS resources? I'm afraid that what you need is the functionality executed by contentSecurity filter, but that is only part of cms subchain while DMS download servlet is executed prior to that. You can try to move the contentSecurity up in the chain before the servlets ... not sure of the results tho. In any case make sure you do not put it before cache filter. HTH, Jan On May 12, 2011, at 6:22 PM, Rakesh Vidyadharan wrote: Is it possible to protected DMS resources, so that access to specific items on the public instances take the user to the login screen? At the moment, it seems to just throw a 404 error, and a quick peek into the DMSDownloadServlet also seems to indicate that it assumes that the document is not protected? Is there some configuration that I missed, or do I need to write my own servlet that will check ACL and redirect to login screen as required? If I need to write a servlet, which servlet handles the same on the website? I could just try and combine the two servlets. Thanks Rakesh ________________________________ ---------------------------------------------------------------- For list details see http://www.magnolia-cms.com/home/community/mailing-lists.html To unsubscribe, E-mail to: <[email protected]<mailto:[email protected]>> ---------------------------------------------------------------- ________________________________ ---------------------------------------------------------------- For list details see http://www.magnolia-cms.com/home/community/mailing-lists.html To unsubscribe, E-mail to: <[email protected]<mailto:[email protected]>> ---------------------------------------------------------------- ________________________________ ---------------------------------------------------------------- For list details see http://www.magnolia-cms.com/home/community/mailing-lists.html To unsubscribe, E-mail to: <[email protected]<mailto:[email protected]>> ---------------------------------------------------------------- ________________________________ ---------------------------------------------------------------- For list details see http://www.magnolia-cms.com/home/community/mailing-lists.html To unsubscribe, E-mail to: <[email protected]<mailto:[email protected]>> ---------------------------------------------------------------- ---------------------------------------------------------------- For list details see http://www.magnolia-cms.com/home/community/mailing-lists.html To unsubscribe, E-mail to: <[email protected]> ----------------------------------------------------------------
