Just an idea how to solve this: - during authentication you can pass the group information in the XML that is stored in the session. - you can then write a "is-in-group"-selector and use that in the sitemap. So if someone wants to access students/group 2, the selector looks in the authentication xml stored in the session and grants only access if the user is in the appropriate role.
Thanks for your suggestions.
Let me try to rephrase this to see if I understand what you mean: * I use auth-actions to protect my top-level "students" directory; * The actions fetch XML-encoded authentication info from someplace; * Relevant user info, e.g. group membership, moves into session objects; * I use the session info in a selector, enclosed in the auth-actions; * The selector redirects, either to the protected document or login;
Right?
Sandor -- Information and Computing Sciences, Utrecht University Contact information, see: http://www.cs.uu.nl/people/sandor/ "Our minds are harnessed by knowledge, by the hill and the will to succeed". From: Fish, "Vigil in a wilderness of mirrors"
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
