cocoon-docs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From d...@cocoon.apache.org
Subject [Cocoon Wiki] Updated: AuthFWWithFlow
Date Sat, 17 Jul 2004 10:36:32 GMT
   Date: 2004-07-17T03:36:31
   Editor: JoergHeinicke <joerg.heinicke@gmx.de>
   Wiki: Cocoon Wiki
   Page: AuthFWWithFlow
   URL: http://wiki.apache.org/cocoon/AuthFWWithFlow

   point to Cocoon samples

Change Log:

------------------------------------------------------------------------------
@@ -1,368 +1 @@
-I cannot find the information I've used to create authentication using flow rather than actions,
so I've decided to create this page with all info together. See [http://cocoon.apache.org/2.1/developing/webapps/authentication.html
Authentication Framework] for background info.
-
-Of course, credit is due to anyone who recognizes this as his/hers.
-
-Helma
-
-=== Sitemap ===
-
-{{{
-<?xml version="1.0" encoding="UTF-8"?>
-<map:sitemap xmlns:map="http://apache.org/cocoon/sitemap/1.0">
-
-...snip...
-
-<map:components>
-    <map:resources>
-    <!-- ========================================= -->
-    <!-- html-layout - handles the conversion to html -->
-    <!-- ========================================= -->
-    <map:resource name="html-layout">
-        <map:transform src="stylesheets/layout.xslt"/>
-	<map:serialize type="html"/>
-    </map:resource>
-    </map:resources>
-    <!-- ========================================= -->
-    <!-- flow scripts                              -->
-    <!-- ========================================= -->
-    <map:flow language="javascript">
-	<map:script src="system/scripts/login.js"/>
-	<map:script src="system/scripts/flowscripts.js"/>
-    </map:flow>
-    <map:pipelines>
-	<!-- ========================================= -->
-	<!-- flowAuthenticationHandler configuration   -->
-	<!-- ========================================= -->
-	<map:component-configurations>
-	    <authentication-manager>
-		<handlers>
-		    <handler name="flowAuthenticationHandler">
-			<!-- redirect-to uri="cocoon:/login"/>  -->
-			<!-- above should work, but doesn't because of bug in Cocoon 2.1.4-dev
-                             (prerelease), haven't checked since release -->
-			<redirect-to uri="/myapp/login"/>
-			<authentication uri="cocoon:raw:/authenticate"/>
-		    </handler>
-		</handlers>
-	    </authentication-manager>
-	</map:component-configurations>
-        <map:pipeline>
-            <!-- ========================================= -->
-            <!-- flow script continuations                 -->
-            <!-- ========================================= -->
-            <map:match pattern="**/*.continue">
-                <map:call continuation="{2}"/>
-            </map:match>
-            <map:match pattern="*.continue">
-                <map:call continuation="{1}"/>
-            </map:match>
-            <!-- ========================================= -->
-            <!-- about - information about the             -->
-            <!-- project and credits                       -->
-            <!-- ========================================= -->
-            <map:match pattern="about.html">
-		   <map:call function="isLoggedIn">
-		   <map:parameter name="handler" value="flowAuthenticationHandler"/>
-		   <map:parameter name="protected-redirect" 
-                                  value="general/about.form"/>
-		   <map:parameter name="failure-redirect" value="about"/>
-		</map:call>
-            </map:match>
-            <map:match pattern="about">
-                <map:generate src="content/about.xml"/>
-                <map:call resource="html-layout"/>
-            </map:match>
-            <!-- ========================================= -->
-            <!-- news - news about the project             -->
-            <!-- ========================================= -->
-            <map:match pattern="news.html">
-		<map:call function="isLoggedIn">
-		    <map:parameter name="handler" value="flowAuthenticationHandler"/>
-		    <map:parameter name="protected-redirect" value="general/news.form"/>
-		    <map:parameter name="failure-redirect" value="news"/>
-		</map:call>
-	    </map:match>
-	    <map:match pattern="news">	
-                <map:generate src="content/news.xml"/>
-                <map:call resource="html-layout"/>
-            </map:match>
-	    <!-- ========================================= -->
-	    <!--  main pipeline for general pages          -->
-	    <!-- ========================================= -->
-	    <map:match pattern="general/**">
-		<map:call function="protect">
-		    <map:parameter name="handler" value="flowAuthenticationHandler"/>
-		    <map:parameter name="protected-internal" value="internal/{1}"/>
-		    <map:parameter name="failure-redirect" value="login"/>
-		    <map:parameter name="failure-error" value="Eerst inloggen"/>
-		</map:call>
-	    </map:match>
-	</map:pipeline>
-	<!-- ========================================= -->
-	<!-- pipeline handling the content of the      -->
-	<!-- protected pages                           -->
-	<!-- ========================================= -->
-	<map:pipeline internal-only="true">
-	    <map:match pattern="internal/showError.form">
-		<map:generate type="jx" src="content/showError.jx"/>
-		<map:transform type="cinclude"/>
-		<map:call resource="html-layout"/>
-		<map:serialize type="xml"/>
-	    </map:match>
-	    <map:match pattern="internal/*.form">
-                <map:generate src="content/{1}.xml"/>
-		<map:transform type="cinclude"/>
-                <map:call resource="html-layout"/>
-            </map:match>
-            
-... snip [other pipelines] ...
-
-            <!-- ========================================= -->
-            <!-- handle "use case" with flow function      -->
-            <!-- ========================================= -->
-            <map:match pattern="**/protected/**.html">
-                <map:call function="prot_{2}"/>
-            </map:match>
-	</map:pipeline>
-	<!-- ========================================= -->
-	<!-- Authentication pipelines                  -->
-	<!-- ========================================= -->
-	<map:pipeline>
-	    <!-- ========================================= -->
-	    <!-- Redirections for page requests on homepage -->
-	    <!-- ========================================= -->
-	    <map:match pattern="">
-		<map:redirect-to session="true" uri="login"/>
-	    </map:match>
-	    <map:match pattern="/">
-		<map:redirect-to session="true" uri="login"/>
-	    </map:match>
- 	    <map:match pattern="*.html">
-		<map:redirect-to session="true" uri="login"/>
-	    </map:match>
-	    <!-- ========================================= -->
-	    <!-- Login page                                -->
-	    <!-- ========================================= -->
-	    <map:match pattern="login">
-		<map:call function="isLoggedIn">
-		    <map:parameter name="handler" value="flowAuthenticationHandler"/>
-		    <map:parameter name="protected-redirect" value="myFirstProtectedPage.html"/>
-		    <map:parameter name="failure-internal" value="internal/login"/>
-		</map:call>
-	    </map:match>
-	    <!-- ========================================= -->
-	    <!-- Form target which performs auth service   -->
-	    <!-- ========================================= -->
-	    <map:match pattern="do-login">
-		<!-- try to login -->
-		<map:call function="login">
-		    <map:parameter name="handler" value="flowAuthenticationHandler"/>
-		    <map:parameter name="parameter_name" value="{request-param:username}"/>
-		    <map:parameter name="parameter_password" value="{request-param:password}"/>
-		    <map:parameter name="protected-redirect" value="myFirstProtectedPage.html"/>
-		    <map:parameter name="failure-redirect" value="login"/>
-		</map:call>
-	    </map:match>
-	    <!-- ========================================= -->
-	    <!-- Logout link which invalidates the session -->
-	    <!-- ========================================= -->
-	    <map:match pattern="do-logout">
-		<map:call function="logout">
-		    <map:parameter name="handler" value="flowAuthenticationHandler"/>
-		    <map:parameter name="failure-redirect" value="login"/>
-		</map:call>
-	    </map:match>
-	    </map:pipeline>
-	    <map:pipeline internal-only="true">
-		<!-- ========================================= -->
-		<!-- This is the authentication resource       -->
-		<!-- ========================================= -->
-		<map:match pattern="authenticate">
-		    <map:generate src="system/authenticate/userlist.xml"/>
-		    <map:transform src="system/authenticate/authenticate.xslt">
-		        <map:parameter name="use-request-parameters" value="true"/>
-		    </map:transform>
-		    <map:serialize type="xml"/>
-		</map:match>
-		<!-- ========================================= -->
-		<!-- getUser                                   -->
-		<!-- put user info in an XML file              -->
-		<!-- ========================================= -->
-		<map:match pattern="getUser">
-		    <map:generate src="system/authentication.xml"/>
-		    <map:transform type="session"/>
-		    <map:serialize type="xml"/>
-		</map:match>
-		<!-- ========================================= -->
-		<!-- handle the actual login                   -->
-		<!-- ========================================= -->
-                <map:match pattern="internal/login">
-		    <map:generate src="content/login.jx" type="jx"/>
-		    <map:transform type="encodeURL"/>
-		    <map:call resource="html-layout"/>
-		</map:match>
-	    </map:pipeline>
-	</map:pipelines>
-</map:sitemap>
-<!-- end of file -->
-
-}}}
-
-Note that "about" and "news" are used in different pipelines to allow them to be visible
whether or not the user is logged in. In my case the "logged out" version only displays a
link to "login", while the "logged in" version displays a sidebar with the other protected
pages.
-
-=== login.js ===
-
-{{{
-
-cocoon.load("resource://org/apache/cocoon/webapps/authentication/flow/javascript/auth.js");
-
-function isLoggedIn() {
-  var handler = cocoon.parameters["handler"];
-  var resource = cocoon.parameters["resource"];
-// resource contains the URL where the request came from, 
-// so you can redirect to there
-  if (auth_isAuthenticated(handler)) {
-    success();
-  } else {
-    failure();
-  }
-}
-
-function protect() {
-  var handler = cocoon.parameters["handler"];
-
-  if (auth_checkAuthentication(handler,"")) {
-    success();
-  } else {
-    // already redirected by auth_checkAuthentication
-  }
-}
-
-function login() {
-  var handler = cocoon.parameters["handler"];
-
-  if (auth_isAuthenticated(handler)) {
-    success();
-  } else if (auth_login(handler, null, cocoon.parameters)) {
-    success();
-  } else {
-    failure();
-  }
-}
-
-function logout() {
-  var handler = cocoon.parameters["handler"];
-
-  auth_logout(handler);
-  failure();
-}
-
-function success() {
-  var internal = cocoon.parameters["protected-internal"];
-  var redirect = cocoon.parameters["protected-redirect"];
-
-  if (internal != null) {
-     cocoon.sendPage(internal);
-  } else if (redirect != null) {
-     cocoon.redirectTo(redirect);
-  } else {
-    throw new Error("No protected redirection parameter given");
-  }
-}
-
-function failure() {
-  var internal = cocoon.parameters["failure-internal"];
-  var redirect = cocoon.parameters["failure-redirect"];
-  var errMessage = cocoon.parameters["failure-error"];
-
-  if (internal != null) {
-     cocoon.sendPage(internal, {errMsg : errMessage});
-  } else if (redirect != null) {
-     cocoon.redirectTo(redirect);
-  } else {
-    // Why does this throw cause an error?
-    throw new Error("No failure redirection parameter given");
-  }
-}
-
-}}}
-
-=== Authentication.xml ===
-
-{{{
-
-<?xml version="1.0" encoding="UTF-8"?>
-<authentication xmlns:session="http://apache.org/cocoon/session/1.0" 
->
-<session:getxml context="authentication" path="/"/>
-</authentication>
-
-}}}
-
-=== Authenticate.xslt ===
-
-{{{
-<?xml version="1.0"?>
-<!-- $Id: authenticate.xsl,v 1.2 2003/05/03 16:17:59 vgritsenko Exp $ -->
-<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
-	<!-- Get the name from the request paramter -->
-	<xsl:param name="name"/>
-	<xsl:param name="password"/>
-	<xsl:template match="authentication">
-		<authentication>
-			<xsl:apply-templates select="users"/>
-		</authentication>
-	</xsl:template>
-	<!-- ========================================= -->
-	<!--  users -->
-	<!-- ========================================= -->
-	<xsl:template match="users">
-		<xsl:apply-templates select="user"/>
-	</xsl:template>
-	<!-- ========================================= -->
-	<!--  user -->
-	<!-- ========================================= -->
-	<xsl:template match="user">
-		<!-- Compare the name of the user -->
-		<xsl:if test="normalize-space(name) = $name">
-			<xsl:if test="normalize-space(password)=$password">
-				<!-- found, so create the ID -->
-				<ID>
-					<xsl:value-of select="name"/>
-				</ID>
-				<role>
-					<xsl:value-of select="role"/>
-				</role>
-			</xsl:if>
-		</xsl:if>
-	</xsl:template>
-</xsl:stylesheet>
-
-}}}
-
-=== userlist.xml ===
-
-{{{
-
-<?xml version="1.0" encoding="ISO-8859-1"?>
-<!-- $Id: userlist.xml,v 1.1 2004/04/01 15:25:14 hvanderlinden Exp $
-
- Description: All users
-
--->
-<authentication>
-	<users>
-		<user>
-			<name>cocoon@cocoon.com</name>
-			<role>admin</role>
-			<password>test123</password>
-		</user>
-		<user>
-			<name>guest@bla.com</name>
-			<role>guest</role>
-			<password>guest</password>
-		</user>
-	</users>
-</authentication>
-
-}}}
+"Authentication Framework with Flow" is now available as sample in your Cocoon installation
at http://localhost:8888/samples/blocks/authentication-fw/flow/.

Mime
View raw message