I just checked: on that non-initial page (xslt/common.xsl) the value of variable isUser is an empty string.
What is that: /root/secure:securityProfile/secure:roles/secure:role[.="mbr-user"] ?
Is that a page parameter, securityProfile or retrieved from the database?
Any pointers?
I am new to Cocoon and XSLT.

Thank you in advance,
Oleg.

--- Oleg Konovalov <[EMAIL PROTECTED]> wrote:

> Hi,
>
> I am modifying somebody else's Cocoon application.
> I need to disallow users with some specific role
> to see certain parts of the screen (pseudo-menu).
>
> An existing mechanism for that is:
> <xsl:variable name='isUser'
>   select='/root/secure:securityProfile/secure:roles/secure:role[.="mbr-user"]'/>
>
> ...
>
> <xsl:if test='not($isUser)'>
>   <td><a href="sil/main_sil" target="_parent">
>     <img src="images/common/sitenav.gif" width="114"
>       height="45"
>       border="0" /></a></td>
> </xsl:if>
>
> That "mbr-user" role is configured in web.xml & database,
> the user has this role [defined in the database].
>
> That seems to work on initial page [index.xsl],
> but doesn't work on subsequent pages (in another folder).
>
> Any clues why it doesn't and how to fix that?
> (everything else works fine)
>
> Thank you in advance,
> Oleg.
>
> --- Oleg Konovalov <[EMAIL PROTECTED]> wrote:
>
> > Hi,
> >
> > I am trying to configure my Cocoon application
> > so that particular role has access only to
> > the app root [login.xsl, index.xsl]
> > but not to other directories.
> >
> > But it seems that as soon as I put "/" or "/*",
> > it gets access to all directories under the root.
> >
> > Snippet from web.xml:
> > <security-constraint>
> >   <web-resource-collection>
> >     <web-resource-name>App Root only</web-resource-name>
> >     <url-pattern>/*</url-pattern>
> >   </web-resource-collection>
> >   <auth-constraint>
> >     <role-name>role1</role-name>
> >   </auth-constraint>
> > </security-constraint>
> >
> > How do I restrict access to the root only?
> >
> > Thank you in advance,
> > Oleg.
