Seppo Sahi wrote:
> Hi,
>
>
>
> Can anyone give me some pointers on how to do authentication with midgard?
>
>
>
> I need to simply verify that a person with correct ViewerGroup
> permissions has logged in. If that is not the case then redirect to
> login page. No need for great security, just the simplest possible
> solution that works.
>
> My current situation is that my site gives “Error 401: Unauthorized”
> whenever person with incorrect UserGroup permissions tries to access
> page. Instead I would like to have a login page shown.
Are you making something like an extranet? If so, I'd recommend you
doing this in a bit different way. ViewerGroups is handled in very early
state (before sending HTML headers). One problem is also that
'midcom-template' is run only after checking the ViewerGroups, which
makes it impossible to override headers set by Midgard.
There is a nice workaround, which allows you to stay in the original
URI. You could have something like this set in <(ROOT)> style element:
---
<?php
if (substr($_MIDGARD['uri'], 0, 8) !== 'extranet' || $_MIDGARD['user'])
{
?>
<(content)>
<?php
}
else
{
<(login)>
}
?>
---
and then create a style element called 'login':
---
<form method="POST" action="&(midgard.uri);">
<fieldset>
<legend>Protie login</legend>
<label for="midcom-template-username">
Username:
<input type="text" name="midcom_site[username]"
id="midcom-template-username" size="20" />
</label>
<label for="midcom-template-password">
Password:
<input type="password" name="midcom_site[password]"
id="midcom-template-password" size="20" />
</label>
<input class="loginform-submit-button" type="submit"
name="midcom_site[login]" value="Login" />
<div class="disclaimer">
This site uses the secure NemeinAuthentication library for
authentication.
Please ensure that your browser allows cookies to be set by this server.
</div>
</fieldset>
</form>
---
You can see that this method relies on URI name spacing and is in this
example set for the first level node 'extranet'. This isn't a handy way
to deal with AIS, since you have to hard-code the parts which require
authentication.
If someone has a better idea, I wouldn't mind hearing it.
> BTW. Is there a bug in AIS when setting UserGroup permissions. The
> folder always disappears from the navigation whenever I change it’s
> UserGroup permission.
It shouldn't disappear if you have logged in but yes, it will disappear
if ViewerGroups is set to a group the person viewing doesn't belong to.
This you can take as a feature.
--
Arttu Manninen
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
