Hello Elad, Wednesday, April 6, 2005, 2:20:12 PM, you wrote:
ME> Context etc. This is good, but I also need to check if the ME> user - now that I know it has been authenticated - has the ME> authorization of accessing the specific resource. ME> I was looking for an "Authorizator" interface, or ME> something similar, to allow me a hook where I can introduce the ME> code that will use the user's Role, with my database of ME> permissions. I cannot seem to find it.. AFAIK despite what doc says: "One central point in building a web application is authentication and authorization. The Cocoon authentication framework is a flexible module for authentication, authorization and user management." - Cocoon dont have any resource authorization support. I've created for own usage slighty modificated auth-protect action which is role sensitive. It looks like ordinary auth-protect action but requires role list which can access body of action (stuff between <map:act></map:act>). If role doesnt match user is redirected to page with info 'insufficient privileges'. It's really simple, just look at source code of this action to get idea how to modify it. Anyway I can send you pice of code... -- Best regards, Grzegorz Sikora --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
