RE: Security and Authentication

Thu, 17 Nov 2005 16:36:15 -0800

{request:remoteUser} worked!  I thank you for your time.

 

For the record:

              <map:match pattern="user/home">

                    <map:generate src="">

                    <map:transform src="">

                        <map:parameter name="use-request-parameters" value="true"/>

                        <map:parameter name="use-session-info" value="true"/>

                        <map:parameter name="remoteUser" value="{request:remoteUser}"/>                         

                    </map:transform>

                    <map:transform type="encodeURL"/>

                    <map:serialize type="html"/>

              </map:match>       

 

One note:  I have spent three days looking around the Internet to solve this.  I am sure many people need to know the answer to this question.  I hope someone that has control of the docs can add something.  Otherwise, this post may help out.

 

Mike D.

 

-----Original Message-----
From: Andrew Stevens [mailto:[EMAIL PROTECTED]
Sent: Thursday, November 17, 2005 4:17 PM
To: [EMAIL PROTECTED]; [email protected]
Subject: RE: Security and Authentication

 

>From: "Mike Dickson" <[EMAIL PROTECTED]>

>Date: Thu, 17 Nov 2005 12:31:35 -0800

> 

>What data does Tomcat forward to Cocoon so I can tell which user has just

>logged in? I need to look up their data and have it ready for the user home

>page.  (What variables are handed to Cocoon to work with?  JSESSIONID?  How

>do I get at them? {request-param:..}?)

 

I haven't checked what's currently available in CVS, but in one of our

projects a while back I just modified the request parameter action (I think)

to put the getRemoteUser() value in an extra entry in the returned map. 

Then I just used that in the sitemap with {remoteUser}.

Another possibility (for which I submitted a patch - #35051 in bugzilla) is

to add it to the request generator output.  I have a vague feeling you can

also access it with the request input module ({request:remoteUser} maybe?)

though I might be wrong about that.

 

There's also a patch in bugzilla (#32164) that fixes the broken

RoleFilterTransformer, so you can make use of isUserInRole() privileges.

 

 

Andrew.

 

 

 

---------------------------------------------------------------------

To unsubscribe, e-mail: [EMAIL PROTECTED]

For additional commands, e-mail: [EMAIL PROTECTED]