cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nicholas Hemley <nhem...@fsmail.net>
Subject User Authentication from Database in Cocoon
Date Mon, 10 Apr 2000 13:58:34 GMT
I am having to implement a commercial solution where user access to many different
sites are controlled via a centralised user _database_. I propose using a users configuration
file. This file specifies the user database connection and the paths to be protected.

E.g.

<external_users>

<!-- specify the user database connection -->
<connectiondefs>
  <connection name="users">
   <driver>org.gjt.mm.mysql.Driver</driver>
   <dburl>jdbc:mysql://194.167.2.245/Users</dburl>
   <username>root</username>
   <password></password>
  </connection>
</connectiondefs>

<!-- specify the paths and associated user database -->
<directory path="/site1" conn="users"/>
<directory path="/site2" conn="users"/>

</external_users>

This file could be parsed when Cocoon initialises and the protected directories stored.

On receiving a request, the servlet then uses the database connection to verify
user access and issues www-authenticate headers for authorized access.

This is the same principle of user authentication as used in the apache
webserver, but for dynamic content. For static content use the AuthDBUserFile
in httpd.conf as before.

Any comments on this proposal would be gratefully received!

Cheers,
Nic Hemley




Mime
View raw message