cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Lassi Immonen" <>
Subject Re: [C2]Access control using sitemap
Date Fri, 08 Sep 2000 13:18:16 GMT
> > I really would like to use Cocoon2 in our web/content management
> > Could someone give some advice how to implement user
> > control using sitemap? It has to be somekind of selector and all
> > has to go through same point?
> IIRC, there was a policy to not handle authorisation and authentication
> in the sitemap, and let the web server handle that.

Is there any reason not to use sitemap as basis of creating access control

It's not going to be only access control, I plan to have ability to produce
dynamic content based on userprofile in database.

> However, you could write a selector to handle it, yes.  Off the top of
> my head: just wrap all pages to be protected and test the uses
> credentials, if it fails redirect to a "permission denied" page.

I cannot see any other examples as to start other than recently added
BrowserSelector, so would my "AccessSelector" work like:

<map:selector name="access" factory="my.AccessSelector">


<map:match pattern="mysite/*">
    <map:select type="access">
<map:when test="granted">
    ?? how to use this as starting point to all my content residing under
    <map:redirect-to uri="login"/>

And in AccessSelector code, can I access database through JDBC? It's not
very clear to me how to maintain for example my custom Users-object live
somewhere with possible connection to database and accessible from
AccessSelector?  Any advice?
Anyway from BrowserSelector code I can see how one can get request object.

> There was a discussion about this several months ago - have a look in
> the archives.

It seems that at has been down for a
while. Is there any alternative method to search cocoon-dev?

 Lassi Immonen

View raw message