Hmm, that article doesn't mention anything about auth-login or auth-protect, which is what I'm using. auth-login seems to be the source of the buggy behavior for me.
I'm using Cocoon 2.1 on Tomcat 4.1.12 with JDK 1.4.1_01.
From: e nio <[EMAIL PROTECTED]>
Have you tried this excellent sample from Lajoz? http://www.javaworld.com/javaworld/jw-09-2002/jw-0920-cocoon_p.html This work for me on 2.1m2 and the newest 2.1 release.
enio --- Sonny Sukumar <[EMAIL PROTECTED]> wrote: > > > I'm using Cocoon version 2.1, and I downloaded it the day > after it was > officially released a week or two ago. I don't think it can > be anything but > a bug in Cocoon itself, which is very troubling to me since I > need this to > work. > > To reiterate what I think is the bug, the auth-login action > doesn't seem to > work--it just always redirects to the redirect-to document > defined in the > auth handler. > > I really would like to know if *anybody* out there is > successfully using the > authentication framework in Cocoon 2.1. Can anybody in the > developer > community help me out? Should I join that list and post on > there?? > > Thanks, > > Sonny > > > > > > >Sonny > > > >I have looked through all of this and I cannot see anything > wrong. > >I agree with your comment about the redirect only happening > within an > >auth-prodect. > >The only thing you are doing differently to me is that you > are using > >map:read and I use redirects on success and a full > >generate-transform-serialize process on failure. > > > >Which version of Cocoon are you using? Maybe there is a bug > in the > >version you are using??? > > > >Andrew > > > >Sonny Sukumar wrote: > > > Hi Andrew, > > > > > > My point was that the login page should never get > involved, since no > > > redirect should occur to it using auth-login. > Neverthless, I must be > > > missing something, so here's my authentication sitemap > code in its > > > entirety, including the handler configuration. Take a > look and let me > > > know if you see something amiss. > > > > > > <map:component-configurations> > > > ... > > > <authentication-manager> > > > <handlers> > > > <!-- Authenticates site administrators. --> > > > <handler name="adminAuthHandler"> > > > <redirect-to uri="cocoon:/getAdminLoginPage"/> > > > <authentication > uri="cocoon:/raw:/authenticateAdmin"/> > > > </handler> > > > </handlers> > > > </authentication-manager> > > > ... > > > </map:component-configurations> > > > > > > ... > > > > > > <!-- Generate and display the login page.--> > > > <map:match pattern="getAdminLoginPage"> > > > <map:generate src="myapp/xml/adminLogin.xsp" > type="serverpages"/> > > > <map:transform type="session"/> > > > <map:serialize type="xml"/> > > > </map:match> > > > > > > <!-- Try to log in the admin. --> > > > <map:match pattern="adminLogin"> > > > <map:act type="auth-login"> > > > <map:parameter name="handler" > value="adminAuthHandler"/> > > > <map:parameter name="parameter_userName" > > > value="{request-param:userName}"/> > > > <map:parameter name="parameter_password" > > > value="{request-param:password}"/> > > > > > > <map:read > src="myapp/html_test/authSucceeded.html"/> > > > </map:act> > > > > > > <!-- Authentication failed --> > > > <map:read src="myapp/html_test/authFailed.html"/> > > > </map:match> > > > > > > <!-- My auth resource, as defined in the handler. --> > > > <map:match pattern="authenticateAdmin"> > > > <map:generate src="myapp/xml/authenticateAdmin.xsp" > > > type="serverpages"/> > > > <map:serialize type="xml"/> > > > </map:match> > > > > > > <map:match pattern="adminLogout"> > > > <map:act type="auth-logout"> > > > <map:parameter name="handler" > value="adminAuthHandler"/> > > > <!--+ > > > > > > | ::UNRESOLVED ISSUE:: SS 08/19/03 > > > | > > > | Admin logout succeeded, so tell admin in some > way, perhaps > > > | a static page. > > > > > > +--> > > > </map:act> > > > > > > <!--+ > > > > > > | ::UNRESOLVED ISSUE:: SS 08/19/03 > > > | > > > | Admin logout failed. Is that even possible? > What to do > >here? > > > > > > +--> > > > </map:match> > > > > > >> From: Andrew Timberlake <[EMAIL PROTECTED]> > > >> Reply-To: [EMAIL PROTECTED] > > >> To: [EMAIL PROTECTED] > > >> Subject: Re: 1 more auth question.. > > >> Date: Sun, 24 Aug 2003 12:58:22 +0200 > > >> > > >> Sonny > > >> > > >> I've had a look and I'm not sure why this is happenning. > > >> There are bits of the sitemap missing which are still > part of the auth > > >> process such as your login page itself. Maybe the problem > lies there > > >> somewhere??? > > >> > > >> Sorry I can't help further. > > >> > > >> Andrew > > >> > > >> Sonny Sukumar wrote: > > >>> Update: I was mistake before when I said that if the > login suceeds, > > >>> the correct html file is shown. It's not. Rather, in > both cases I'm > > >>> redirected to the pipeline defined in the authentication > handler. > > >>> > > >>> To reiterate, this confuses me because I thought no such > redirect > > >>> should ever occur with auth-login, but rather only with > > >>> auth-protect. Again, take a look at the sitemap snippet > from my > > >>> original post (below here). > > >>> > > >>> Any insights would be great, > > >>> > > >>> Sonny > > >>> > > >>>> From: "Sonny Sukumar" <[EMAIL PROTECTED]> > > >>>> > > >>>> > > >>>> > > >>>> > > >>>> > > >>>> Hi Andrew, > > >>>> > > >>>> Thanks for that tip. But there seems to be something > else going on > > >>>> as well.... > > >>>> > > >>>> If the login succeeds, the correct static html file is > shown (see > > >>>> the the sitemap snippet I gave before--below), but if > it fails then > > >>>> I end up being redirected to the "redirect-to" page > defined for the > > >>>> auth handler. I thought that if the auth-login fails, > then it would > > >>>> just read whatever comes after the action (another > static html file, > > >>>> for testing at least). > > >>>> > > >>>> To add to the strangeness, the redirected to page (a > login page I > > >>>> generate) shows the originally requested URI (I embed > the > === message truncated ===
__________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
_________________________________________________________________ MSN 8: Get 6 months for $9.95/month. http://join.msn.com/?page=dept/dialup
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
