I've newly implemented cocoon's auth-fw and have a couple of questions. First, I realized the request parameter "resource" contains the uri of where the user was going when they are forced to login by hitting a protected page. However, the the user can also choose to explicitly login by clicking on a link to the login page. After logging in explicitly, I want the user to go to a static "welcome" page. However, the sitemap configuration for the auth-login action redirects to the "resource" request-param, not the static page.
I could fix this by adding two auth-login sections, one for forced login and one for passive login, however, then I would need to maintain two different login pages. Does anyone have any ideas for better implementing this scenario? The second question has to do with roles. I have a protected area which has an admin section that only users with the "admin" role can access. Are there any creative solutions for getting this to work with just one auth handler? I'd like for the user to only have to login once (ie, not use a separate "admin handler"). Thanks, JF __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
