Re: How to access the security handler/authentication context infofromsub-sitemap?

[Leon Widdershoven]

Gautam,

I'm only guessing here, but you couldn't rewrite the link in your parent 
sitemap to pass
the jsession id as a request param or something like that?

or put a encodeURL before the next call (e.g. the redirect or something)?

If that's not the case I'm out of ideas:(

In any case the best of luck!

Leon

Gautam Ganguly wrote:

Leon,
   You see thats what i was trying to achieve by using the
auth-protect action in the sub-sitemap.Because the "authentication
context " is only accessible inside a pipeline  protected  by the
auth-protect action...
  Also,when a sub-sitemap gets mounted and if you are using encode-URL
in the sitemap to generate a session-id,it doesn't get passed to the
loaded sitemap..which i think, is creating these problem..unless like
always i am just missing something very small!!
regards
Gautam
 

[EMAIL PROTECTED] 04/18/04 03:08PM >>>
       

It would be interesting to see whether the session transformer can get

information out
of the authentication context using getxml.
<xsp-session:getxml context="authentication" 
path="authentication/data/foo"/>

and then use <transform type="session"/> in the subsitemap. The handler

may not be knowm,
bit the context *could* be available.
Leon

Gautam Ganguly wrote:

 

Leon,
..and thats what i am currently doing.But then my need also,is to
   

get
 

hold of the current user info that i have stored in the
   

authentication
 

context..so i could use that for logging purposes in the
   

child-webapp.
 

Something like a single-signon kind of setup.
I think you did a lot, to help me out with all your suggestions .I
   

do
 

appreciate that:)
regards
Gautam


   

[EMAIL PROTECTED] 04/18/04 02:44PM >>>
      

         

As I understood that section, you cannot referencethe authentication 
handler in the subsitemap. I think
the directory in which the subsitemap resides should be accessed from
   

 

within the protected part of the
parent sitemap.
e.g. a match=""protected/subdir/**.html" within the parent sitemap 
should do the
authentication, and the subsitemap does not know anythink about 
authentication.

it works becuase sitemaps are recursively read when a request comes
in.
That however is as far as *i* understood it. I've never tried it, so
   

I
 

should probably just shut up:)

leon

Gautam Ganguly wrote:



   

hi Leon,
I had read that..and thats why i am confused as to how do go about
it,bcos on that page under the "Working with subsitemaps" section..
the very first line says.."The common solution for the framework and
subsitemaps is to define the handler (in the main sitemap."..i tried
that:
1)When i just declare the handler in the main-stemap only,the
sub-sitemap doesn't seem to find it.
2)When i the handler in the sub-sitemap(as you had suggested),then
     

it
 

just takes me to the login screen,as if the user is accessing the
resource for the first time..
But in that page..it also mentions this "The definition of handlers
  

     

in

   

a sub-sitemap is a TODO and will be available in the next release.
  

     

..."

   

..which release is that??

regards,
Gautam  





  

     

[EMAIL PROTECTED] 04/18/04 02:06PM >>>
     

        

           

You did read:
http://www.aerialbear.com/cocoon/documents/developing/webapps/authentication.html
     

 

  

     



   

(search for subsitemap) ?

Gautam Ganguly wrote:



  

     

hi Leon,
I tried that,but that creates a totally new security handler,which
takes me through the whole login process again.The docs talk about
accessing the parent sitemaps handler in the sub-sitemap,but i
 

    

       

haven't

  

     

seen any examples yet,as to how to do that.Anything else...?
But still, i thank you  for your suggestion and your time.
regards,
Gautam


 

    

       

[EMAIL PROTECTED] 04/18/04 01:30PM >>>
    

       

          

             

I think you need to define the authentication manager in the
sub-sitemap 
also.

Leon

Gautam Ganguly wrote:



 

    

       

hi all,
I am using cocoon-2.1.2.
This is how the main-sitemap looks like:
<map:sitemap .....
....
....
<map:component-configurations>
<authentication-manager>
<handlers>
 <handler name="Securityhandler">
        <redirect-to uri="cocoon:/login.html"/>
        <authentication uri="cocoon:raw:/db-auth-func"/>
 </handler>
</handlers>
</authentication-manager>
</map:component-configurations>
The auth-protect does everything as the doc says.

But in the sub-sitemap,which handles the child-webapp..i have the

   

      

         

need

 

    

       

to access the authentication context info of the current logged in
user.On putting the auth-protect action in the sub-sitemap,the
sub-sitemap 
keeps saying "Unknown handler to check:Securityhandler"

This is how the sub-sitemap looks like:
<map:sitemap...
<map:pipeline>
  <map:match pattern="*.html">
        <map:act type="auth-protect">
	<map:parameter name="handler" value="Securityhandler"/> 
       <map:match pattern="index.html">
	      <map:call resource="show-page">
	         <map:parameter name="filename" value="index"/>
	         <map:parameter name="full-filename" value="index"/>
	       </map:call>
         </map:act>
         <!-- something was wrong, redirect to login page -->
	<map:redirect-to uri="context://Mainapp/login.html"/>
       </map:match>
</map:match>
</map:pipeline>

If someone could help me,as to how this can be done..i would
         

highly
 

appreciate that.

with regards,
Gautam
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED] 
For additional commands, e-mail: [EMAIL PROTECTED] 





   

      

         

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED] 
For additional commands, e-mail: [EMAIL PROTECTED] 



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED] 
For additional commands, e-mail: [EMAIL PROTECTED] 



 

    

       

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED] 
For additional commands, e-mail: [EMAIL PROTECTED] 



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED] 
For additional commands, e-mail: [EMAIL PROTECTED] 



  

     

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED] 
For additional commands, e-mail: [EMAIL PROTECTED] 



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED] 
For additional commands, e-mail: [EMAIL PROTECTED] 



   



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED] 
For additional commands, e-mail: [EMAIL PROTECTED] 



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
 



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]