mirko wrote:
Hi,
How can I access role information in the sitemap? I want to protect some pipelines to be only accessed by special users. I think I'll write an action that will put role to the parameters but maybe there is already written and better solution.
(The best would be for me that the component will put role info for the authenticated or put "guest" for the unauthenticated users)
BTW How can I get user's authorization info in flow? I'd like to get the user ID in the flow script.
I started to write my own AuthAction that will put the role info to sitemap but noticed that the session context is lost after authorization, are there any issues? I'm going to be a little bit frustraited because of bugs, lacks of documentation with Cocoon.
var contextMan = cocoon.getComponent(Packages.org.apache.cocoon.webapps.session.ContextManager.ROLE);
var authContext = contextMan.getContext("authentication");
var userfrag = authContext.getXML("/authentication/ID");
var rolefrag = authContext.getXML("/authentication/data/role");
user.username = Packages.org.apache.cocoon.xml.dom.DOMUtil.getValueOfNode(userfrag);
user.role = Packages.org.apache.cocoon.xml.dom.DOMUtil.getValueOfNode(rolefrag);
If you have multiple roles adjust accordingly and better put it within a Java component.
There is also already an input module to pass this info from the sitemap via:
<map:parameter name="username" value="{session-context:authentication/authentication/ID}"/>
Please note that the authentication context is only available from within protected sections.
HTH Guido
--
Guido Casper
-------------------------------------------------
S&N AG, Competence Center Open Source
Tel.: +49-5251-1581-87
Klingenderstr. 5 mailto:[EMAIL PROTECTED]
D-33100 Paderborn http://www.s-und-n.de
---------------------------------------------------------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
