cocoon-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Eric SCHAEFFER" <eschaef...@posterconseil.com>
Subject Re: login concept
Date Thu, 22 Jun 2000 13:46:51 GMT
I use Cocoon 1.7.4, not Cocoon 2 (I haven't used the sitemap, but it would
be fantastic).

I wrote my own producer, based on the FileProducer. The only thing I added
is login checking.
I look for 3 parameters: process-type, login, password.
If "process-type" is "login", then I check the user login/password. If it's
ok, I "send" the desired URL. If there's an error, I redirect the user to an
error page.
(it's the same code as yours, but written at another place. To redirect the
user, I use a processor)

You can do more comlicated things, as you want (redirect the user to his
personnal index page by example).

This code shoud be written at a higher level in the process to be able to
protect other ressources that XML pages, but it will only be possible in
Cocoo2 (with sitemap).


Eric.

----- Original Message -----
From: "Nägeli Margrit" <margrit.naegeli@ecofin.ch>
To: <cocoon-users@xml.apache.org>
Sent: Thursday, June 22, 2000 3:20 PM
Subject: RE: login concept


> what would that look like? it sounds like you've done that; if so, would
you
> mind posting it?
>
> thanks, maggie
>
> > -----Original Message-----
> > From: Eric SCHAEFFER [SMTP:eschaeffer@posterconseil.com]
> > Sent: Thursday, June 22, 2000 3:13 PM
> > To: cocoon-users@xml.apache.org
> > Subject: Re: login concept
> >
> > Login checking should  [Nägeli Margrit]  not (correction according to
> > following mail) be done in XSP pages but at the "server" level (in
> > Cocoon: sitemap or producer, or at a higher level). Thus you can protect
> > other ressources, using more complex rules.
> >
> > Eric.
> >
> > ----- Original Message -----
> > From: "Gabor Dolla" <agdolla@mezon.net>
> > To: <cocoon-users@xml.apache.org>
> > Sent: Thursday, June 22, 2000 2:41 PM
> > Subject: Re: login concept
> >
> >
> > > >
> > > >    ltd.ims.etape.Access access = new ltd.ims.etape.Access(session,
> > request,
> > > > sDriver, sDatabase);
> > > >    if (!access.allow()) {
> > > >
> > > >
> >
response.sendRedirect("../login/login.xml?redirect=../manage/bookin.xml");
> > > >     return;
> > > >    }
> > >
> > > what I personally don't really like about this solution that you have
to
> > > include this piece into every XSP page. I have to include the same
> > > piece of code into every xsp page, my piece of code checks if the
> > session
> > > has expired and sends a redirect.
> > > I think the following would be a cool solution to this:
> > >
> > > have an xsp page with everything that should be executed every time
> > > that would be compiled into a java class which extends XSPPage
> > >
> > > other xsp pages would extend this new class and the
> > > generated populateDocument method would start with
> > > super.populateDocument()
> > >
> > > Gabor
> > >
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: cocoon-users-unsubscribe@xml.apache.org
> > > For additional commands, e-mail: cocoon-users-help@xml.apache.org
> > >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: cocoon-users-unsubscribe@xml.apache.org
> > For additional commands, e-mail: cocoon-users-help@xml.apache.org
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: cocoon-users-unsubscribe@xml.apache.org
> For additional commands, e-mail: cocoon-users-help@xml.apache.org
>


Mime
View raw message