The Cocoon authentication framework does not provide the generator or PermissionSelector I described below. I wrote those two components for our needs. Sorry if I misled you, but I was trying to illustrate how you can tie Cocoon's authentication framework to your own. Basically, you need to write a generator. The documentation on the authentication framework is at http://cocoon.apache.org/2.1/developing/webapps/authentication.html.
As far as redirecting to different pages based upon permissions, that is only one possibility. It is entirely possible to pass permissions as XML into a stylesheet to cause the page to be generated differently based on permissions.

Ralph

> -----Original Message-----
> From: Gianluca Sartori [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, December 10, 2003 12:05 AM
> To: [EMAIL PROTECTED]
> Subject: RE: Authentication and Autorization
>
> So I use a generator to get User info. Then with the PermissionSelector
> I can decide what to do. Uhmm, this means I must redirect to different
> pages depending on the permissions owned by the user? (stupid question, I
> know, but I'm still studying Cocoon, it's a big beast...). Sometimes it
> is useful to move the logic from the sitemap into the page and take the
> decision in there instead of having multiple pages for each user type.
> Or at least, this is what I've done till now. It is probably not so
> different, anyway.
>
> > The second component is a PermissionSelector which is very similar to the
> > ExceptionSelector. When configuring the selector you define the permissions
> > that can be checked and then the selector actually checks to see if the end
> > user has the requested permission. The selector uses the object saved in the
> > session by the generator to do the permission check.
>
> I'll check. Could you point me to some documentation if it exists?
>
> Thanks for all,
> Gianluca
>
> > Ralph
> >
> > > -----Original Message-----
> > > From: Gianluca Sartori [mailto:[EMAIL PROTECTED]
> > > Sent: Tuesday, December 09, 2003 7:08 AM
> > > To: [EMAIL PROTECTED]
> > > Subject: Authentication and Autorization
> > >
> > > Hi all,
> > >
> > > I'm adapting an authentication/authorization system we are using within
> > > normal JSP/servlet pages. It consists of a simple class which must be
> > > instantiated at the beginning of the page. It knows where to redirect
> > > the user for authentication and within the JSP/Servlet you can use its
> > > methods to get user information such as the username, fullname,
> > > telephone, etc.
> > >
> > > What's the best place to encapsulate the functionalities provided by this
> > > class? I'm building an action for authentication purposes and I plan to
> > > develop a logicsheet to encapsulate authorization primitives so I can
> > > declaratively decide whether to make available some data or not
> > > depending on the current user role.
> > >
> > > Is this the way to go? I thought about encapsulating my class into an
> > > action, but this way I don't know how to take authorization decisions.
> > > For example I need one "edit" link if the user has the "Editors" role,
> > > but none if s/he has the "User" role. I don't want to create two
> > > different pages for this.
> > >
> > > Any help?
> > >
> > > Thanks,
> > > Gianluca
> > >
> > > --
> > > Gianluca Sartori          ELIS - SIE - Software Development
> > >
> > > Via Sandro Sandri, 81     (tel) +39 06.43.56.03.55
> > > 00159 Rome - Italy        (fax) +39 06.43.56.03.99

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
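
The selector described in this thread is custom code that was not posted to the list. The following is an added sketch, not the poster's component and not part of Cocoon, of how such a selector can check the session object against Cocoon 2.1's `Selector` interface while failing closed. The session key, the `<permission name="..."/>` configuration element and the assumption that the generator stores a `java.util.Set` of permission names are all hypothetical.

```java
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

import org.apache.avalon.framework.configuration.Configurable;
import org.apache.avalon.framework.configuration.Configuration;
import org.apache.avalon.framework.configuration.ConfigurationException;
import org.apache.avalon.framework.parameters.Parameters;
import org.apache.avalon.framework.thread.ThreadSafe;
import org.apache.cocoon.environment.ObjectModelHelper;
import org.apache.cocoon.environment.Session;
import org.apache.cocoon.selection.Selector;

/** Hypothetical selector: matches only if the session user holds the tested permission. */
public class PermissionSelector implements Selector, Configurable, ThreadSafe {

    /** Assumed session key under which the custom generator saved the user's permissions. */
    public static final String SESSION_KEY = "example.user.permissions";

    /** Permissions declared in the selector configuration; filled once at startup. */
    private final Set known = new HashSet();

    /** Reads <permission name="..."/> children (the element name is an assumption). */
    public void configure(Configuration conf) throws ConfigurationException {
        Configuration[] children = conf.getChildren("permission");
        for (int i = 0; i < children.length; i++) {
            known.add(children[i].getAttribute("name"));
        }
    }

    public boolean select(String expression, Map objectModel, Parameters parameters) {
        // Fail closed: a permission that was not declared in the configuration never matches.
        if (expression == null || !known.contains(expression)) {
            return false;
        }
        // getSession(false) does not create a session for an unauthenticated request.
        Session session = ObjectModelHelper.getRequest(objectModel).getSession(false);
        if (session == null) {
            return false;
        }
        Object granted = session.getAttribute(SESSION_KEY);
        // Anything other than the expected Set is treated as "no permissions".
        return granted instanceof Set && ((Set) granted).contains(expression);
    }
}
```

Declared under `map:selectors` and used as `map:select` with `map:when test="edit"`, a selector like this lets one pipeline emit the "edit" link only for users who hold that permission, with `map:otherwise` as the default for everyone else.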
