cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Matthew Langham" <>
Subject RE: sunRise tutorial here
Date Fri, 01 Mar 2002 08:12:51 GMT

I particularly like the use of XSLT to do the checking, makes it very
Please realize that this is only one possibility. You can use whatever you
like in the authentication pipeline. The only requirement is that the
authentication XML is returned for the user as shown. So it is no problem to
authenticate the user against a database, LDAP or a legacy system using the
relevant components.

Is the sunRise-login action defined anywhere?
Yes. If you build Cocoon with the authentication/portal then you will find
the action in the sitemap:

  <map:action name="sunRise-login"
logger="sitemap.action.sunRise-login" />

How do you use the 'role' attribute in practice?
Well the role attribute can be used for whatever purpose you want. It is
used in the portal to map the user to a particular role. Each role in the
portal can have a specific profile. Actually there is a slight problem
here - one we were meaning to change - but never got round to. The portal
uses the 'role' as it is returned from the authentication which is really
not correct - it should be possible to map the authentication 'role' into an
application specific 'role'. This would be far more flexible.

I am still trying to figure out how to pass people onto where they
originally wanted to go ;)
;-) Ok, so perhaps it is not quite so easy to work out.

Basically: When the handler redirects the user to the login page it passes a
parameter 'resource' which contains the uri the user was originally trying
to call. In the stylesheet that builds up the form, this parameter can then
be appended to the <url>. In the tutorial it is hardcoded. Then this
parameter will be passed to the authentication pipeline and can then be used
in the redirect. (I will add this to the tutorial :-))

Are there examples of this in the Portal Demo? Sorry, I have not studied it
closely yet.
Not sub-sitemap protection. The same authentication concept is used in the
portal - but the portal takes the sunRise concept quite a bit further (look
at the additional entries where the handler is defined).



Open Source Group               sunShine - Lighting up e:Business
Matthew Langham, S&N AG, Klingenderstrasse 5, D-33100 Paderborn
Tel:+49-5251-1581-30 -
           Weblogging at:

regards Jeremy

   Jeremy Quinn                                           Karma Divers
                                                       webSpace Design
                                            HyperMedia Research Centre

   <>     		 <>
   <phone:+44.[0].20.7737.6831>             <>

To unsubscribe, e-mail:
For additional commands, email:

To unsubscribe, e-mail:
For additional commands, email:

View raw message