Thanks again, Andreas. I chose to go with the standard Login.java and Logout.java for now and just reference them in their respective xconf-files. It works just as intended now. Beautiful! ;-)
After logging in via this method - a special user-page is also displayed. After logging out - the front-page is displayed. Any other attempt at viewing pages requiring authorization will show the normal Login.jx view as in the acusecases module. This is probably how some others want their Lenya site to work as well. For completeness and perhaps as help for others - here is (verbosely for other newbies) how I got this working: (I am just changing the xconf files, really; and then referencing the normal login/logout handler classes) As Andreas suggested, I want to have a separate module handle this - just like the normal acusecases is a module and handle the login/logout process. First I copied the modules-core/acusecases into *pubs/default/modules/acusecasesnoview* Then deleting *acusecasesnoview/usecases * (since the views loing.jx/logout.jx) will not be used) and deleting *acusecasesnoview/java* (since I will be using the standard login/logout handling) directories. I left the acusecasesnoview/resources and acusecasesnoview/test intact, since I might want to use them later on. *For now a failed login results in a separate page with the message "Could not execute usecase: * Authentication failed".* This can probably be handled different with some sitemap magic, or like Andreas suggested. Changing *acusecasesnoview/config/module.xml* into the following: <module xmlns="http://apache.org/lenya/module/1.0";> <id>org.apache.lenya.modules.acusecasesnoview</id> <!-- <export package="org.apache.lenya.cms.ac.usecasesnoview"/> <depends module="org.apache.lenya.cms.ac.usecases"/> --> <package>org.apache.lenya.modules</package> <version>0.1</version> <name>Page- and view-less access control usecases</name> <lenya-version>@lenya.version@</lenya-version> <description>Page- and view-less access control usecases</description> </module> Note: trying to add/enable the <depends module ...> made the build fail. It's commented out above. Then having the actual views removed by changing the login xconf into pubs/default/modules/acusecasesnoview/config/cocoon-xconf/usecases- ac-noview-login.xconf: <xconf xpath="/cocoon/usecases" unless="/cocoon/usecases/[EMAIL PROTECTED] = 'ac.noviewlogin']"> <component-instance name="ac.noviewlogin" logger="lenya.ac" class=" org.apache.lenya.cms.ac.usecases.Login"> </component-instance> </xconf> While the one for logout into pubs/default/modules/acusecasesnoview/config/cocoon-xconf/usecases- ac-noview-login.xconf: <xconf xpath="/cocoon/usecases" unless="/cocoon/usecases/[EMAIL PROTECTED] = 'ac.noviewlogin']"> <component-instance name="ac.noviewlogin" logger="lenya.ac" class=" org.apache.lenya.cms.ac.usecases.Login"> </component-instance> </xconf> The next thing to remember is the * pubs/default/config/access-control/usecase-policies.xml* and add: <usecase id="ac.noviewlogout"> <role id="visit" method="grant"/> </usecase> <usecase id="ac.noviewlogin"> <role id="visit" method="grant"/> </usecase> Finally, the module needs to be included in the (default, in this case) publication by adding to *pubs/default/config/publication.xml* with the following: <module name="acusecasesnoview"/> Then the XSLT for including the immediate login/logout form into a page is as follows: <xsl:choose> <xsl:when test="$userid"> <div> <span style="font-size: small; margin-right: 2em;">Logged in as </span><strong><xsl:value-of select="$username"/></strong> (<xsl:value-of select="$userid"/>) <a style="margin-left: 4em;" href="/default/live/index.html?lenya.usecase= ac.noviewlogout">Logout</a> </div> </xsl:when> <xsl:otherwise> <form name="login" id="login" method="get" action="/default/live/user.html"> <div style="float: left; margin-right: 4em;"> <label for="name">Username: </label> <input class="lenya-form-element" name="username" type="text" value="" /> <label for="password"> Password: </label> <input class="lenya-form-element" name="password" type="password" /> <input class="login" name="lenya.usecase" type="hidden" value="ac.noviewlogin" /> <input class="login" name="referrerQueryString" type="hidden" value="" /> <input name="submit" type="submit" value="Login" /> </div> </form> <a href="?lenya.usecase=admin.addUser&className= org.apache.lenya.ac.file.FileUser&userType=Local+User&input-add_user=Local+User">Register new user</a> <div style="clear: both;"></div> </xsl:otherwise> </xsl:choose> I have created a document with path "/index" which results in "/default/live/index.html" and of doctype "homepage". I chose to have this login-field above the tabs-section for now. I added the above XSLT to the file *pubs/default/xslt/page2xhtml-homepage.xsl* . I also added two parameters to this file: <xsl:param name="userid"/> <xsl:param name="username"/> And these two get sent by the sitemap in *pubs/default/sitemap.xmap* at the matcher <map:match pattern="lenyabody-*/*/*/*/**"> by adding: <map:parameter name="userid" value="{access-control:user-id}"/> <map:parameter name="username" value="{access-control:user-name}"/> Just some notes on the XSLT and the forms - */default/live/user.html* is the user homepage which is served after a successful login attempt. Setting access-control for this URL subtree will always require login - and show the normal login screen if trying to access otherwise. After logging out, I chose to send the user to */default/live/index.html*which is the front-page of the site. There is still the XSLT of handling registration of new users, and displaying this nicely. Perhaps a similar technique to the login/logout is possible - displaying a different view than the standard admin-adding-user view by overriding with a custom module again. Ok, that was it for now. A slight thing still hanging with the handling of failed logins, which probably need to be overridden like Andreas mentioned earlier. But at least this is getting on the right track. Cheers, Gringinho On Tue, Feb 26, 2008 at 6:16 AM, Andreas Hartmann <[EMAIL PROTECTED]> wrote: > Andreas Hartmann schrieb: > > Gringinho schrieb: > >> Another thought: > >> with the ac.login usecase, is the "correct way" now to add a > >> ac.mylogin usecase > >> and set a configuration of: > >> > >> modules-core/acusecases/config/cocoon-xconf/usecase-ac-*mylogin*.xconf > > > > Yes, though I'd rather place it in a custom module and call it e.g. > > "ac.loginWithoutForm". > > > > > >> *without a component view?* > > > > Yes. But if you want to show an error message if the login failed, you > > have to take care of this yourself. > > > > One option would be to override the Login class and attach the error > > message to the session so that it can be displayed on the subsequent > > page. It's a bit tricky, though, since you have to delete the message > > from the session as soon as you fetch it (e.g. using a custom > > SessionInputModule). > > > > Another option would be to override getExitQueryString() and attach a > > request parameter containing the error message. I guess this would be > > more convenient. > > > >> Will this effectively rid the displaying of the intermittent > >> login-screen? > > > > Yes, it should. If not, you can file a bug :) > > > >> And the same approach for an immediate logout URL using a > >> "?lenya.usecase=ac.mylogout" ? > > > > Yes. > > > >> Further on, having a (as a blatant copy or slightly modified version > >> of Login.java): > >> > >> > > modules-core/acusecases/java/src/org/apache/lenya/cms/ac/usecases/*Mylogin*.java > >> > > > > You need this only if you want to alter the error handling (see above). > > Otherwise, you can just reference the Login class from the acusecases > > module. > > BTW, you should put this class also in a custom module and not in the > Lenya core. This will simplify maintenance a lot. > > -- Andreas > > > -- > Andreas Hartmann, CTO > BeCompany GmbH > http://www.becompany.ch > Tel.: +41 (0) 43 818 57 01 > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >
