We have a problem with Cocoon Authentication
We have created the following in our sitemap:
<map:component-configurations>
<authentication-manager>
<handlers>
<handler name="alleen_voor_leden">
<redirect-to uri="/aanmeldfout.html"/>
<authentication uri="cocoon:raw:/cdls_authenticate"/>
</handler>
</handlers>
</authentication-manager>
</map:component-configurations>
We have the following login-page:
<map:match pattern="cdls_login">
<map:act type="auth-login">
<map:parameter name="handler" value="alleen_voor_leden"/>
<map:parameter name="parameter_user_id" value="{request-
param:username}"/>
<map:parameter name="parameter_password" value="{request-
param:wachtwoord}"/>
<map:redirect-to uri="/service_submenu_kinderen.html"/>
</map:act>
<!-- failed: -->
<map:redirect-to uri="/aanmeldfout.html"/>
</map:match>
<!-- This is the authentication resource -->
<map:match pattern="cdls_authenticate">
<map:generate src="authentication/userlist_cdls-nl.xml"/>
<map:transform src="authentication/authenticate.xsl">
<map:parameter name="use-request-parameters" value="true"/>
</map:transform>
<map:serialize type="xml"/>
</map:match>
If authentication was succesfull it should be able to give use the
following "secure" pages...
<map:match pattern="*_alleen_voor_leden_*.html">
<map:act type="auth-protect">
<map:parameter name="handler" value="alleen_voor_leden"/>
<map:match pattern="*_alleen_voor_leden_*.html">
<map:aggregate element="page">
<map:part src="cocoon:/header_artikel_{1}.xml"/>
<map:part src="cocoon:/index_artikel_{1}.xml"/>
<map:part src="cocoon:/content_{2}.xml"/>
</map:aggregate>
<map:transform src="style/xsl/content_artikel2html.xsl"/>
<map:serialize/>
</map:match>
</map:act>
</map:match>
If a user uses the login page and passes the right username and
password he/she will see the:
<map:redirect-to uri="/service_submenu_kinderen.html"/>
Because this is succesfull he/she should be able to connect to
"secure" pages, but this fails and user gets:
<map:redirect-to uri="/aanmeldfout.html"/>
In our test situation all works fine, but we get the problem on our
live site.
The live site is different from test site :
Test site url like localhost:8080/cocoon/cdls/info_index.html
Live site url like www.xxxx.org/info_index.html (using mod_proxy, see
configuration below)
Also in our sitemap we had to change the uri's; adding a '/' ; so "/
aanmeldfout.html"/> on live site, "aanmeldfout.html"/> on test site
We suspect a COOKIE problem, because the cookie from our live site
contains a path /cocoon
Our site runs under Cocoon on a pc that hosts six websites, three of
which are
Cocoon based sites and the other three are plain Apache sites. All
sites are
declared as virtual hosts within Apache. For the Cocoon sites,
mod_proxy is
used to let Apache serve the Cocoon pages, as explained in this wiki
page:
http://wiki.apache.org/cocoon/ApacheModProxy
Here's the Apache 2.0 config file for the virtual host:
<VirtualHost *:80>
ServerAdmin [EMAIL PROTECTED]
ServerName www.cdls-nl.org
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this
directory, but
# symbolic links and aliases may be used to point to other locations.
DocumentRoot /var/sitecopy/cdls_content
# if not specified, the global error log is used
ErrorLog /var/log/apache2/cdls-nl.org-error_log
CustomLog /var/log/apache2/cdls-nl.org-access_log combined
# log IP addresses
HostnameLookups Off
UseCanonicalName Off
ServerSignature On
#
# Deny access to any request that doesn't start with a '/'
# This makes it impossible to use this server or virtual host
# as an open proxy.
#
<LocationMatch "^[^/]">
Deny from all
</LocationMatch>
#
# Make sure that the virtual host name is passed through to the
# backend servlet container for virtual host support.
#
ProxyPreserveHost On
#
# Pass /cgi-bin/ to Apache:
#
ProxyPass /cgi-bin/ !
#
# Pass requests to this site to another port at this machine.
#
ProxyPass / http://localhost:8085/cocoon/cdls/
ProxyPassReverse / http://localhost:8085/cocoon/cdls/
# Based on: http://wiki.apache.org/cocoon/ApacheModProxy
</VirtualHost>
In Tomcat's server.xml a connector is declared for every cocoon site
like this:
<Connector port="8085"
proxyName="www.cdls-nl.org" proxyPort="80"
maxThreads="20" minSpareThreads="5"
maxSpareThreads="10"/>
Tomcat listens to port 8080.
If the proxy rules are changed into
ProxyPass / http://localhost:8080/cocoon/cdls/
ProxyPassReverse / http://localhost:8080/cocoon/cdls/
and Apache is restarted, the problem still exists.
I don't know if we need these connectors.
The site runs SuSE Linux 9.2 on a Pentium pc with Sun Java 1.4.2,
Tomcat 5.0
and Cocoon 2.1.7
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
