cocoon-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "jin wu" <jw2...@hotmail.com>
Subject Re: Authentication framework sample and Mozilla...
Date Tue, 08 Apr 2003 15:57:21 GMT
hi oliver,

i found one thing under IE 6.0. if i go to Tools->Internet 
Options->General->Settings(Temporary Internet Files) and change Check For 
Newer Versions of Stored Pages to Every Visit to The Page, then the problem 
solved. i assume this is related to the cached pages by IE.

under Netscape, it's fine now after i put the logout action inside a 
Sunrise-auth action like below:
      <map:match pattern="foo-logout">
        <map:act type="sunRise-auth">
           <map:parameter name="handler" value="foo-handler"/>
           <map:act type="sunRise-logout"/>
        </map:act>
      </map:match>

i haven't tried 2.1 yet. i will try it later to see if any setting needs to 
be changed under IE.

brgds,
jin





>From: "Olivier Billard" <obillard@rennes.jouve.fr>
>Reply-To: "Olivier Billard" <obillard@rennes.jouve.fr>
>To: <cocoon-users@xml.apache.org>
>Subject: Re: Authentication framework sample and Mozilla...
>Date: Fri, 4 Apr 2003 12:03:36 +0200
>
>Hi Jin !
>
>I use the cocoon 2.1dev. I think you should try it to check if some bug was
>fix between our 2 versions by testing the 2.1 dev with your config. If I'm
>not wrong, the authentication framework was split from the sunRise portal 
>in
>the 2.1dev.... with maybe some fixes.
>
>I can't reproduce the problem you describe with my config : win2K, "cocoon
>servlet" (jetty) 2.1dev, java 1.4.1_01. In both IE 6 and Netscape 4.78
>Good luck and write back for results !
>
>Regards
>--
>Olivier
>
>
>From: "jin wu" <jw2203@hotmail.com>
> > hi oliver,
> > i have the similar but worse problem than you. Using Netscape 4.78 or IE
> > 6.0, the protected resource is protected well during the first time
> > login-access-logout-deny process, however, after i tried the same 
>process
> > the second time, the protected resource is still accessable after i
>logout.
> > the environment i am using is:
> > +-------------------------------------------------------+
> > |win2000                                                |
> > |cocoon 2.0.4 (bin file with cocoon-scratchpad.jar)     |
> > |Tomcat 4.1.18                                          |
> > |java 1.3.06                                            |
> > +-------------------------------------------------------+
> >
> > And here is part of my sitemap:
> >
> > ......
> >    <map:action name="sunRise-auth"
> > src="org.apache.cocoon.sunshine.sunrise.acting.AuthAction">
> >        <handlers>
> > <handler name="foo-handler"
>xmlns:map="http://apache.org/cocoon/sitemap/1.0"
> > xmlns:sunshine="http://sunshine.sundn.de/sunshine/1.0">
> >             <redirect-to uri="cocoon://foo-loginpage"/>
> >             <authentication uri="cocoon:raw://foo-authuser"/>
> >          </handler>
> >
> > ......
> >
> > <!-- =============== AUTHENTICATE Sample =========================== -->
> > <map:pipeline>
> >       <map:match pattern="foo-loginpage">
> >         <map:generate src="samples/foo/loginpage.xml"/>
> >         <map:transform src="samples/foo/loginpage.xsl" />
> >         <map:transform type="encodeURL" />
> >         <map:serialize />
> >       </map:match>
> >       <map:match pattern="foo-login">
> >         <map:act type="sunRise-login">
> >           <map:parameter name="handler" value="foo-handler"/>
> >           <map:parameter name="parameter_name" value="request:name"/>
> >           <map:parameter name="parameter_password"
> > value="request:password"/>
> >           <!-- If the authentication is successfull then this redirect
>will
> > be performed -->
> >           <map:redirect-to uri="foo-protected"/>
> >         </map:act>
> >         <!-- authentication failed: -->
> >         <map:generate src="samples/foo/login-failed.xml"/>
> >         <map:transform src="stylesheets/simple-xml2html.xsl"/>
> >        <map:serialize/>
> >      </map:match>
> >      <map:match pattern="foo-logout">
> >        <map:act type="sunRise-auth">
> >           <map:parameter name="handler" value="foo-handler"/>
> >           <map:act type="sunRise-logout"/>
> >        </map:act>
> >      </map:match>
> >      <map:match pattern="foo-authuser">
> >            <map:generate src="samples/foo/foo-user.xml"/>
> >            <map:transform src="samples/foo/foo-user.xsl">
> >               <map:parameter name="use-request-parameters" value="true" 
>/>
> >            </map:transform>
> >            <map:serialize type ="xml"/>
> >      </map:match>
> >      <map:match pattern="foo-protected">
> >           <map:act type="sunRise-auth">
> >               <map:parameter name="handler" value="foo-handler"/>
> >               <map:generate src="samples/foo/foo-resource.xml"/>
> >           </map:act>
> >           <map:transform src = "stylesheets/simple-xml2html.xsl"/>
> >           <map:serialize/>
> >      </map:match>
> > </map:pipeline>
> > <!-- =============== End Of AUTH Sample ============================ -->
> >
> > ......
> >
> > Hope we could find out the problem or solution.
> >
> > brdgs,
> > j.w
> >
> >
> >
> >
> >
> > >From: "Olivier Billard" <obillard@rennes.jouve.fr>
> > >Reply-To: "Olivier Billard" <obillard@rennes.jouve.fr>
> > >To: <cocoon-users@xml.apache.org>, "Olivier Billard" 
><obillard@jouve.fr>
> > >Subject: Re: Authentication framework sample and Mozilla...
> > >Date: Wed, 2 Apr 2003 11:24:52 +0200
> > >
> > >Even if the cache is set to 0 Ko !
> > >This case doesn't appened in Netscape with the same configuration...
> > >
> > >But I suppose other protected pages not in memory cache will send the
>user
> > >to the login page...
> > >But would it be better (if not done, but in this case I don't 
>understand)
> > >to
> > >set expiration date to now in all protected pages ?
> > >
> > >Sorry if it is a dumb question... ! :)
> > >
> > >
> > >----- Original Message -----
> > >From: "Olivier Billard" <obillard@jouve.fr>
> > >To: "Cocoon Users" <cocoon-users@xml.apache.org>
> > >Sent: Wednesday, April 02, 2003 11:07 AM
> > >Subject: Authentication framework sample and Mozilla...
> > >
> > >
> > > > Hi all cocooners !
> > > >
> > > > I'm working on using the authentication framework, base on the
> > > > authentication sample, in the Cocoon 2.1 CVS from yesterday.
> > > > I made :
> > > > build clean
> > > > build webapp
> > > > cocoon servlet
> > > >
> > > > With an ooold Netscape (4.78) and IE 6, all works fine : protected
>area
> > > > access is first denied, and then accepted after logged in, finally
> > >denied
> > > > when logged out.
> > > > But with Mozilla, when cache option are set to "Never compare with 
>the
> > > > cache" (and cache deleted) the protected area is still accessible,
>even
> > >if
> > >I
> > > > logged out...
> > > >
> > > > Is this a bug from Mozilla or Cocoon ?
> > > > This "hole" is pretty disturbing...
> > > >
> > > > Thanks
> > > > --
> > > > Olivier
> > > >
> > > >
> > > > 
>---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: cocoon-users-unsubscribe@xml.apache.org
> > > > For additional commands, e-mail: cocoon-users-help@xml.apache.org
> > > >
> > > >
> > >
> > >
> > >---------------------------------------------------------------------
> > >To unsubscribe, e-mail: cocoon-users-unsubscribe@xml.apache.org
> > >For additional commands, e-mail: cocoon-users-help@xml.apache.org
> > >
> >
> >
> > _________________________________________________________________
> > STOP MORE SPAM with the new MSN 8 and get 2 months FREE*
> > http://join.msn.com/?page=features/junkmail
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: cocoon-users-unsubscribe@xml.apache.org
> > For additional commands, e-mail: cocoon-users-help@xml.apache.org
> >
> >
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: cocoon-users-unsubscribe@xml.apache.org
>For additional commands, e-mail: cocoon-users-help@xml.apache.org
>


_________________________________________________________________
MSN 8 with e-mail virus protection service: 2 months FREE*  
http://join.msn.com/?page=features/virus


---------------------------------------------------------------------
To unsubscribe, e-mail: cocoon-users-unsubscribe@xml.apache.org
For additional commands, e-mail: cocoon-users-help@xml.apache.org


Mime
View raw message