cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Olivier Billard <>
Subject [Authentication-fw] Per-user unique authentication
Date Wed, 09 Jun 2004 13:55:24 GMT
Hi cocooners !

For a project, I must have a unique authentication per user.
If I have well understood, currently, the auth-fw is based on session 
existency to check if a user is authenticated.

But it doesn't prevent users to use several browsers (and/or browser 
windows) on different locations to authenticate twice.

I had a discussion with Sylvain (many thanks to him !), that proposed to 
use the org.apache.cocoon.environment.Context to store a map of 
authenticated users, as a reference to check for extra authentication.

It would be very interesting if it could be embeded into, maybe a 
org.apache.cocoon.webapps.authentication.components.Authenticator, to 
fit the actual auth-fw. And in addition the "user authentication 
context" stored in the context map should be aware of session 
invalidation, to clear itself from the map, and maybe deal with some 
other cleaning (two asses kicked with one foot ;)).

Is this the right way to go ?
Is there another better way ?

Many thanks !

Olivier Billard

View raw message