RE: Security and Authentication

[Derek Hohls]

Mike   Why not add this to the WIki - that's what the site is there for - so "us users" can build up a shared base of learning...   Cheers Derek >>> [EMAIL PROTECTED] 2005/11/18 02:34 AM >>> {request:remoteUser} worked!  I thank you for your time.   For the record:               <map:match pattern="user/home">                     <map:generate src=""/>                     <map:transform src="">                         <map:parameter name="use-request-parameters" value="true"/>                         <map:parameter name="use-session-info" value="true"/>                         <map:parameter name="remoteUser" value="{request:remoteUser}"/>                                              </map:transform>                     <map:transform type="encodeURL"/>                     <map:serialize type="html"/>               </map:match>          One note:  I have spent three days looking around the Internet to solve this.  I am sure many people need to know the answer to this question.  I hope someone that has control of the docs can add something.  Otherwise, this post may help out.   Mike D.   -----Original Message----- From: Andrew Stevens [mailto:[EMAIL PROTECTED] Sent: Thursday, November 17, 2005 4:17 PM To: [EMAIL PROTECTED]; users@cocoon.apache.org Subject: RE: Security and Authentication   >From: "Mike Dickson" <[EMAIL PROTECTED]> >Date: Thu, 17 Nov 2005 12:31:35 -0800 >  >What data does Tomcat forward to Cocoon so I can tell which user has just >logged in? I need to look up their data and have it ready for the user home >page.  (What variables are handed to Cocoon to work with?  JSESSIONID?  How >do I get at them? {request-param:..}?)   I haven't checked what's currently available in CVS, but in one of our projects a while back I just modified the request parameter action (I think) to put the getRemoteUser() value in an extra entry in the returned map.  Then I just used that in the sitemap with {remoteUser}. Another possibility (for which I submitted a patch - #35051 in bugzilla) is to add it to the request generator output.  I have a vague feeling you can also access it with the request input module ({request:remoteUser} maybe?) though I might be wrong about that.   There's also a patch in bugzilla (#32164) that fixes the broken RoleFilterTransformer, so you can make use of isUserInRole() privileges.     Andrew.       --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- This message is subject to the CSIR's copyright, terms and conditions and e-mail legal notice. Views expressed herein do not necessarily represent the views of the CSIR. CSIR E-mail Legal Notice CSIR Copyright, Terms and Conditions For electronic copies of the CSIR Copyright, Terms and Conditions and the CSIR Legal Notice send a blank message with "REQUEST LEGAL" in the subject line to CSIR HelpDesk This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner thanks Transtec Computers for their support.