cocoon-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kjartan Müller <>
Subject Re: Bug-Report cocoon1.8.1
Date Mon, 22 Jan 2001 13:53:37 GMT

I don't know what's been changed, but I've been looking into your auth
taglib this weekend, and I've been struggling with the same
redirect-problem using 1.8.1-dev. For me the problem was twofold.

1) One problem has to do with sendRedirect and exceptions. I have no clue
what's been changed, but I don't think it has anything to do with
session.getValue(). I got the exeption whatever value I put into the
method. What I found out, is that it redirects -- even if it throws an
exception afterwards.
2) The other problem, which - of course - is related to the first, but make
auth lib vulnerable to that kind of problems, is the way auth lib throws an
exception if it don't find a match, and uses catch to handle the fallback.
(So when it gets an sendRedirect-exception from the success-handling, it
jumps over to the fallback-handling.) So I moved some code around a little
till I got it to redirect after a success, even if I got the exception. I
still got some error-messages complaining about writing to a closed stream
-- but at least it didn't stop the execution.

In the end, I tried to move the redirect-call to the end of the
protection-template and login-template (more like the way it is handled in
the fp-library), and -- don't ask me why -- got rid of both the exception
and the error-messages :)


Auth lib is an interesting tag library, thanks! I've looking into it to see
if I can also make it handle roles, privileges related to resources etc. It
could be interesting to know if you have any plans in that area.

>the auth taglib doesn't work anymore in cocoon 1.8.1 - it seems to have
>something to do with response.sendRedirect, whose behavior was changed
>for cocoon1.8.1
>Here's the problematic line of code from the auth taglib:
>response.sendRedirect(String.valueOf(session.getValue("auth:" + _auth_id
>+ ":auth:success")));
>For some reason the string this line gets from the session is wrong and
>thus no redirect occurs. To track this one down, can someone please
>provide the following information:
>- what exactly was changed in response.sendRedirect behavior?
>- has session handling changed? I am using the session.putValue and
>session.getValue methods.
>If I comment the above line out, the auth taglib again works as expected
>(with the exception that the redirect doesn't occur, of course).
>I am using JSDK2.0 with JServ and haven't put servlet_2.2.jar from the
>cocoon distro in the classpath.
>Ulrich Mayring
>DENIC eG, Systementwicklung
>Please check that your question has not already been answered in the
>FAQ before posting. <>
>To unsubscribe, e-mail: <>
>For additional commands, e-mail: <>

Kjartan Müller
tlf: (47) 22 84 01 15
mobil: (47) 99 35 79 49
privat: (47) 22 38 44 46

View raw message