Apart from authenticating a user, the authentication framework also describes some optional entries in the authentication handler for user management, e.g.: <load-roles uri="cocoon:raw:/internal/roles"/> See http://cocoon.apache.org/2.1/developing/webapps/authentication.html
The only implementation AFAIK, is the user management in the authentication framework as used by the (old) portal. To be more specific, it is implemented in the class: org.apache.cocoon.webapps.authentication.generation.ConfigurationGenerator.j ava This ConfigurationGenerator class invokes a cocoon pipeline and loads/saves the data from/to a flat xml file. So this is "out of the box". It gives you "add-modify-delete user functionality with *single* role management". But it is not used very often because I think the authentication framework itself has a steep learning curve and this generator is only documented in the api docs. And this generator uses the "click and show more details on the same page" approach; e.g. select a role and it will display the users for that role on the same page. When you want to use a multi-page "wizard" approach, you are out of luck (you can use the framework, but you have to do some coding yourself). And I would not call this generator "sophisticated" (delete a role, and all 200+ users for that role are deleted without a warning). Making it more sophisticated, would require a new implementation of this generator or use some combination of Woody+flow. But the framework itself is OK, so please use it as a starting point for a "sophisticated" user management. In case someone is interested: I replaced the flat file approach of the ConfigurationGenerator with a database and re-implemented the whole thing using Hibernate (it is implemented with an Avalon interface, so it should be easy to replace Hibernate with OJB). So this gives you a complete single role-based user management, using a database and an O/R mapping tool, but it inherits all the quirks of the original flat-file thing (by intention). Off course I would like to make this contribution more "sophisticated", but I am hesitating where to start and where to break the authentication-fw specs. For example: it is a problem that the role is not included in the authentication process. You have to check the credentials of the role afterwards. May be Carl Ziegler is listening... I prepared a wiki page and a zip file with examples, but I never did the upload because the Wiki was moving and Woody was being renamed, so it is probably broken. But if someone is interested... Hugo Burm > -----Original Message----- > From: Philipp Burkert [mailto:[EMAIL PROTECTED] > Sent: Wednesday, April 14, 2004 11:56 AM > To: [EMAIL PROTECTED] > Subject: Out-of-the-box sophisticated User Administration > > > Hi folks, > > I am currently building a CMS system in Cocoon 2.1.4. Within > this project > the Authentication Framework is used for access restriction. > > After I have read through the documentation I wonder if there is any > out-of-the-box user administration, that provides sophisticated > add-modify-delete user functionality with role management and > maybe even > email verification support. Something where I can just add my > XSLT files > would of course be the greatest... > > Thankx in advance > > PHILIPP BURKERT > [EMAIL PROTECTED] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
