cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Antonio Gallardo" <agalla...@agssa.net>
Subject Re: [PROPOSAL] allow to invoke continuations from flow instead of sitemap
Date Tue, 06 Apr 2004 11:32:25 GMT
Leszek Gawron dijo:
> If you use IE (I do not know how other browsers handle this) if you serve
> a
> page without client cache turned off you make a security hole (IE caches
> everything and serves even after user has logged out).

Very smart browser! ROTFL!

> See the code attached below. The "main" method marks all function,
> continuation and view requests not cacheable. What I request is the proper
> handling of code in runContinuation fuction.

>> > For all above examples you have to code logic in sitemap. I
>> > think this is not as elegant as if you could have whole logic
>> > in a flowscript

>> At the current state of this discussion I would say, let's not
>> add this feature to flow. If you want to do such things, write
>> some custom components (input modules, actions etc.) and use
>> them at appropriate places. But perhaps with some more info,
>> I see things in different light.
> If you write actions you split your logic into 2 areas: actions and flow.
> Right now I set "Cache-control" header for continuation with "set-header"
> action.

> The code (assume every non internal uri goes to "main" method ):
> var user = null;

> function main( action ) {
>     cocoon.response.setHeader( "Expires", "-1" );
>     cocoon.response.setHeader( "Cache-Control", "no-cache" );
>     cocoon.response.setHeader( "Pragma", "no-cache" );

All these 3 instructions, can be setted in a the HTML style transformer
instead of doing it in Flow. If not you need to write it over and over.

>     if ( user == null && !isContinuation( action ) ) {
>         loginInternal();
>     }
>     invoke( action );
> }
>
> function invoke( action ) {
>     print( "action: " + action );
>
>     if ( isContinuation( action ) ) {
>         var id = extractContinuationId( action );
>         print( "da id: " + id );
>         runContinuation( id );
>     } else {
>         func = this[ action ];
>         if ( func != undefined )
>             func.apply( this );
>         else
>             cocoon.sendPage( action, {} );
>     }
> }
>
>
> function isContinuation( action ) {
>     var id = new java.lang.String( action );
>     return ( id.endsWith( ".continue" ) || id.endsWith( ".cont" ) );
> }
>
> function extractContinuationId( action ) {
>     var id = new java.lang.String( action );
>     var pos = id.indexOf( "." );
>     return id.substring( 0, pos );
> }
>
> function runContinuation( continuationId ) {
>     var contManager = null;
>     try {
>         contManager = cocoon.getComponent(
> "org.apache.cocoon.components.flow.ContinuationsManager" );
>         var wk = contManager.lookupWebContinuation( continuationId );
>     } finally {
>         if ( contManager != null )
>             cocoon.releaseComponent( contManager );
>     }
>     var c = wk.getContinuation();
>     c( wk );
> }
>

In the below code, can you better use the standard authentication-fw. the
auth-fw can also work with flow:

> function loginInternal() {
>     var form = new Form( "forms/login_d.xml" );
>     var model = form.getModel();
>     form.validator = loginValidator;
>     form.showForm( "form/login", {} );
> }
>
> function loginValidator( form ) {
>     var query = nTerApi.session.createQuery( "from User where name = :name
> and password = :password" );
>     query.setString( "name", form.getWidget( "username" ).getValue() );
>     query.setString( "password", form.getWidget( "password" ).getValue()
> );
>
>     var list = query.list();
>     if ( list.size() == 0 ) {
>         form.getWidget( "messages" ).addMessage( "Błędny użytkownik lub
> hasło!" );
>         return false;
>     }
>
>     user = list.get( 0 );
>     return true;
> }
>
> function login() {
>     user = null;
>     loginInternal();
>     cocoon.sendPage( "/nTer/view/welcome.jx", {} );
> }
>
> function logout() {
>     user = null;
>     cocoon.session.invalidate();
>     cocoon.redirectTo( "/nTer/welcome.do", {} );
> }


Mime
View raw message