Hi, It seems well known that we can only access to authentication context inside a protected area... Looks strange because some "public" pages may look slighty different when someone is authenticated (show a username for example).
The solution (weird but taken from the docs) seems to auth-protect every public space pipelines without handler parameter: " If the pipeline does not use the auth-protect action or the parameter handler is missing, the document is accessible by any user." But it doesn't work: "org.apache.cocoon.ProcessingException: Unknown handler to check: null" The solution i see is to use the 'UserStatus' stored in the session after a sucessfull login, and try to reget the xml profile. Now, perhaps it will be a lot simpler (and efficient) to put the authentication context in a permanent session space (ie alive not only during an auth-protect action, but as long as the authentication is valid). What about the impossibility to retrieve the profile with jxtg ? I don't want to use sitemap parameters, we've got 10 of tags with differents attributes inside our profiles (we need the dom), and I don't want to go through flowscript, put something in the FOM session, and go back to jxtg: it's really ugly :-) What do you think ? --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
