cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sylvain Wallez <>
Subject Re: [RT] Access to the object model
Date Tue, 20 May 2003 20:57:28 GMT
Vadim Gritsenko wrote:

> Sylvain Wallez wrote:
>> Vadim Gritsenko wrote:
>>> Sylvain Wallez wrote:
>>> ...
> ...
>>>> [1]
>>> <commit-message-expr>{request-attr:cvs-message}</commit-message-expr>
>>> Ewww!!! Looks awful! Ain't there better way -- like pass info via 
>>> URI? Things like that must be controlled from the sitemap, not from 
>>> cocoon.xconf.
>> For this one, I admit it's awful. But look at the other ones also :
>>  <username-expr>{session-attr:cvs-user}</username-expr>
>>  <password-expr>{session-attr:cvs-passwd}</password-expr>
>> I used the same mechanism for the commit message because the 
>> mechanism was there and I lacked time to do something nicer.
> Compare with:
> <map:generate 
> src="cvs://{session-attr:cvs-user}:{session-attr:cvs-password}"/>
> Or something similar. Will it work? Is it better or worse - from your 
> POV?

Well, I have to explain further how my project using the CVSSource works 
(gee, will you find it hacky also ?).

This is a lightweight CMS working with a repository. The sitemap doesn't 
care if this is CVS, slide, files, or any other modifiable source, or a 
combination thereof, and actually doesn't use "cvs:" at all. All calls 
to the repository use a "repo:" protocol which is equivalent to a 
mounting table :

        <protocol name="repo" class="...">
            <!-- source mappings : maps a top-level directory 
("repo:/topdir") to another source
               "from" attribute : top-level directory (first path element)
               "to" attribute : target mount point.
            <map from="spec" to="cvs:auth:/spec/"/>
            <map from="man"  to="cvs:auth:/man/"/>
            <map from="gen"  to="cvs:/gen/"/>
            <map from="img" to="file:/app-dir/data/img"/>

So the sitemap actually contains <map:generate src="repo://spec/foo"/> 
where user credentials cannot fit.

The scheme you propose, even if it works, requires to repeat the 
authentication scheme everywhere the repository is used. It also has the 
potential bad side effect of showing user credential in clear text in 
the logs or in an error screen (e.g. ResourceNotFoundException).


Sylvain Wallez                                  Anyware Technologies 
{ XML, Java, Cocoon, OpenSource }*{ Training, Consulting, Projects }

View raw message