cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Antonio Gallardo" <agalla...@agsoftware.dnsalias.com>
Subject Re: cvs commit: xml-cocoon2 changes.xml
Date Wed, 18 Dec 2002 22:13:14 GMT
Hi Vadim:

Vadim Gritsenko dijo:
> In the mean time (before integration of xscript and session-fw), the
> best way is to create separate session-fw logicsheet. The reason is that
>  session logicsheet is completely different thing and is not related to
> the session-fw.
>
> Vadim

It's OK. But what we can do now? Let me explain:

I wrote the <xsp-session-getxml> tag because I needed a way to separate
permisions for every page that a user request. Then I created some
"groups" of people. Inside every page I check for this permission to
decide if the user has the right or not to see the page. Currently I am
managing 8 groups of permissions.

The user permissions are loaded when you sucessfully login into the
system. Then the groups of each user lives inside the session of the user.

I made it in this form because I wanted to not request the database of
users every time I need to check a user's permission.

----------------------------
As you can see the tag was done more to interface the authentication-fw
than the session-fw.
----------------------------
Also it seems to be quite stable. My application currently has 45 users in
a LAN. Every day the tag checks hundreds of authentication permissions of
the users and everything works fine.

I agree with you that there must be a better interface to all this stuff,
but currently there is the only way to do that with XSP.

I thinked that I can do the same functionality using an action.

I will be glad if you (gurus) can comment about this. :-D

Regards,

Antonio Gallardo.



---------------------------------------------------------------------
To unsubscribe, e-mail: cocoon-dev-unsubscribe@xml.apache.org
For additional commands, email: cocoon-dev-help@xml.apache.org


Mime
View raw message