cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Giacomo Pati <giac...@simba.pwr.ch>
Subject Re: Squaring the sitemap circle...
Date Sat, 27 May 2000 05:50:52 GMT
On Sat, May 27, 2000 at 12:48:08AM +0200, Stefano Mazzocchi wrote:
> Giacomo Pati wrote:
> >
> > Yes, but we have even more to do :-!
> 
> ??? we just received a completely written java regexp engine and it's
> not included in Jakarta :)
> 
> More to do? sure, just stick another jar in :)

You're right,nothing special to do here!

> > No, let the user choose out of several possibilities his common
> > infrastructure offers (excluding Cocoon). If he uses Cocoon he already
> > has a servlet engine and a web server. Servlet engines like Tomcat can
> > authenticate in several ways (you can even plug in your own written
> > authentication classes) as the 2.2 servlet spec. says so. Web servers
> > can also authenticate in several ways. I think you know apache well. 
> 
> To be entirely honest, I don't. :/

So, I've totaly overestimated ;-))
You never setup a .htaccess or fumbled the httpd.conf file to protect a URI path?

> 
> > You
> > can do Basic Authentication so your browser pops up a userid/password
> > dialog box which you have to enter. You can even go over SSL and require
> > the user to have a valid certificate in the browser to authenticate
> > itself. These mechanisms also do some authorisation in the way allowing
> > the authenticated user to choose the URL requested or not. But all this
> > happens outside the servlet/application. At this point some information
> > (userid/password/certificate data) should be passed to the servlet as
> > headers so the servlet (here cocoon) can further determine if the
> > particular user is granted access to specific data in the URL requested
> > (might be that he can see parts of the data but not all). Speaking in
> > terms of the sitemap you can only grant on URLs (he may access the URL
> > requested or not). Only an XSP page (or some equivalent logic) can
> > determine if the user (according to the header data) can access certain
> > data the page will offer.
> 
> or matchers, right?

Yes, of course, the matchers can determine which generator/source file should fill the pipline
with data according to any http header we like them to examine!

>  
> > > Hey, I'd love to do that.... the problem is I don't have the slightest
> > > clue on how to do this! Turbine invoques with Class.forName() and this
> > > is not exactly a good thing for us.
> > 
> > Since Turbine is gone the WebMacro way I've lost somehow interest doing
> > things with Turbine (I would much more appreciate doing web apps with
> > cocoon, hehe).
> 
> Hear, hear :) Interesting...

What is interesting? Turbine and WebMacro or doing web apps with cocoon?

>  
> > > > 4. According to <matcher> component and <match> process element,
should
> > > > we name the <generator> process element <generate> (and also
> > > > <serializer> and <serialize>)?
> > >
> > > Good point. Didn't think of that one, but sounds like a good idea, would
> > > also allow us to separate them for schemas.... yeah, I think they truly
> > > are different elements. Anywone else?
> > 
> > But it doesn't work for the <filter>s!!
> 
> I know!!! Suggestions?

<filtrare> :-)

Giacomo 

-- 
PWR GmbH, Organisation & Entwicklung      Tel:   +41 (0)1 856 2202
Giacomo Pati, CTO/CEO                     Fax:   +41 (0)1 856 2201
Hintereichenstrasse 7                     Mailto:Giacomo.Pati@pwr.ch
CH-8166 Niederweningen                    Web:   http://www.pwr.ch


Mime
View raw message