cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ugo Cei <>
Subject Re: Generating a 404 Not Found
Date Tue, 08 Oct 2002 07:47:29 GMT
Sylvain Wallez wrote:

> Do you think it's good for non authenticated users to even know that a 
> particular URI in a protected part of the URI space exists or not ? I 
> would say no (or tell us your use case), and then your sitemap is just 
> fine...

No, I think it's good for *authenticated* users to have a decent error 
message. If the user is not authenticated, the action fails and he is 
redirected to the login page. I think it should be expressed with 
something like the following:

  <map:match pattern="admin/**">

    <map:act type="auth-protect">
      <map:parameter name="handler" value="authhandler"/>

      <map:match pattern="admin/newuser">

      <map:match pattern="admin/deluser">

      <!-- more matchers here -->

      <map:match pattern="admin/**">
        <map:throw-error code="404" message="Not Found"/>


       - if the user is not authenticated,
       - redirect him to the login page
    <map:redirect-to uri="login"/>


Hope this clears it up,


Ugo Cei -

To unsubscribe, e-mail:
For additional commands, email:

View raw message