cocoon-docs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [DAISY] Created: Security Handlers
Date Sat, 13 Jan 2007 21:20:24 GMT
A new document has been created.

Document ID: 1317
Branch: main
Language: default
Name: Security Handlers
Document Type: Cocoon Document
Created: 1/13/07 9:20:21 PM
Creator (owner): Carsten Ziegeler
State: publish


Mime type: text/xml
Size: 2481 bytes

<p>One of the main objects of Cocoon Auth is a security handler. This handler is
the component that tries to authenticate a user against a user database. So this
is the connection between your web application and the user database. Cocoon
Auth comes already with some implementations for a security handler, like a
pipeline based one that uses a usual Cocoon pipeline to authenticate a user. So
a security handler is a helper component that you have to write in order to
integrate you database.</p>

<p>You will never directly use a security handler. The handler is tied to your
<a href="applications.html">applications</a> and Cocoon Auth makes use of a
security handler for login and logout operations of users.</p>


<p>Before you can use a security handler, you have to tell Cocoon Auth about it.
Technically, a security handler is a singleton component, so the configuration
of a handler takes place in the bean configurations</p>

<p>Let's have a look at a simple security handler configuration:</p>

&lt;bean name="org.apache.cocoon.auth.SecurityHandler/shop-handler"
    ... Configuration for the handler - if required

<p>In the example above, a new security handler is configured. Each handler must
have a unique name that is used as a reference to this handler. This uniqued
identifier is defined in the name attribute. The name has to start with the
prefix "org.apache.cocoon.auth.SecurityHandler/" follow by the name of the
handler. Technically, a handler is a Java class (conforming to a specific
interface). The class attribute in the configuration specifies this class. A
single instance of this class is created and used in the application to
authenticate a user.</p>

<h2>Anonymous Security Handler</h2>

<p>There are situations where you might want to use the notion of an
application, but don't have the need to identify single users. In this case you
can simply use the anonymous security handler of Cocoon Auth that automatically
creates a new user object without the requirement of having a user database.

<p>The application will not have a login form and the user is logged into the
application as soon as he invokes the first page of the application.</p>

<p>Using the anonymous security handler is easy: just omit the security handler
configuration on your application configuration!</p>


The document belongs to the following collections: cdocs-auth

View raw message