cocoon-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Berin Loritsch <>
Subject Re: [C2] User Authentication
Date Mon, 16 Jul 2001 13:08:19 GMT
Uli Mayring wrote:
> On Sat, 14 Jul 2001, Berin Loritsch wrote:
> > To further complicate things, we cannot always require a particular type
> > of software be installed.  We have to work within our customer's
> > configuration
> > management.  That means if they don't like Tomcat but they like iPlanet
> > w/servlets,
> > then we have to support that configuration.  Our authentication methods
> > cannot be broken because we can no longer use Tomcat's Database Realm.
> > This requires us to implement our own login mechanisms--adding to the
> > complexity
> > of our software.
> So basically you're saying you have custom authentication code. Where do
> you put it in Cocoon2? I guess in an action, because you need to redirect,
> right? If not, what do you do, if the user tries to access a protected
> page prior to authentication?

For now, I use an Action.  In the future, I want to migrate to formalizing
Stefano's FlowMap approach.  It is the process of modeling application flow
in XML.  The FlowMap will take care of matching actions and form pages, etc.
It will also make sure that when a resource must be authenticated and authorized,
you will be redirected to the login form.

It is a great idea whose time has come.  The problem is finding the time
to implement it.....
View raw message