Return-Path: Delivered-To: apmail-cocoon-dev-archive@www.apache.org Received: (qmail 39413 invoked from network); 2 Sep 2003 08:25:36 -0000 Received: from daedalus.apache.org (HELO apache.org) (208.185.179.12) by minotaur-2.apache.org with SMTP; 2 Sep 2003 08:25:36 -0000 Received: (qmail 82401 invoked by uid 500); 2 Sep 2003 08:25:04 -0000 Delivered-To: apmail-cocoon-dev-archive@cocoon.apache.org Received: (qmail 82326 invoked by uid 500); 2 Sep 2003 08:25:03 -0000 Mailing-List: contact dev-help@cocoon.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: list-post: Reply-To: dev@cocoon.apache.org Delivered-To: mailing list dev@cocoon.apache.org Received: (qmail 82294 invoked from network); 2 Sep 2003 08:25:02 -0000 Received: from unknown (HELO sbe3777.swissptt.ch) (138.190.3.48) by daedalus.apache.org with SMTP; 2 Sep 2003 08:25:02 -0000 Received: from sbe2172.corproot.net (138.190.70.54) by sbe3777.swissptt.ch (MX V5.3 AnHp) with SMTP for ; Tue, 2 Sep 2003 09:56:25 +0200 Received: from sxmbx03.corproot.net ([138.190.70.162]) by sxsmtp02.corproot.net with Microsoft SMTPSVC(5.0.2195.5329); Tue, 2 Sep 2003 09:56:24 +0200 X-MimeOLE: Produced By Microsoft Exchange V6.0.6375.0 content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Subject: RE: Cocoon 2.1 Authentication Bug? *Please* Help Date: Tue, 2 Sep 2003 09:56:24 +0200 Message-ID: <5B093C49F2649B459246944825A267AB3FC1F4@sxmbx03.corproot.net> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Cocoon 2.1 Authentication Bug? *Please* Help Thread-Index: AcNwmMfMoR4ewyQVThCwJopaz3yA6gAjTw3A From: To: X-OriginalArrivalTime: 02 Sep 2003 07:56:24.0101 (UTC) FILETIME=[B469ED50:01C37127] X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N Hello, Yes, I don't have roles since I'm using the LDAP authentication, all = users are "Admin" at this moment. Do you think to create a static list in a file or database and check = which role has the user? I have thought about creating a static list but my problem is that I = have to enter ~1000 users in this list (I have about 20'000 users but = only ~1000 have special roles). The solution is maybe to use the groups = defined in the LDAP repository, you would have ~10 groups instead of = ~1000 users in the static list. But in you have groups, you have to use = a LDAP query to know if the authenticated user is in a group. It seems a = bit complicated, no? What do you think about the best practise? Thanks Regards Sylvain -----Message d'origine----- De: Carsten Ziegeler [mailto:cziegeler@s-und-n.de] Date: lundi, 1. septembre 2003 16:28 =C0: dev@cocoon.apache.org Objet: RE: Cocoon 2.1 Authentication Bug? *Please* Help Sylvain.Thevoz@swisscom.com [mailto:Sylvain.Thevoz@swisscom.com] wrote: > OK, I understand the mechanism. >=20 > About the roles, since I used LDAP for the authentication I have=20 > a problem how to define the roles. > By default the authentication uses the file sunrise-user.xml and=20 > the role is defined for each user inside this file. > With LDAP authentication I retrieve the users from a LDAP=20 > repository and the role isn't defined in this repository.=20 > Have you an idea how I could define the role for each users? >=20 I guess from the above that you don't have roles. So, I would give each user a default role and create a static list of roles with this one role. HTH Carsten