cocoon-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kogan Irina <>
Subject RE: Authentication framework: SQL question.
Date Wed, 07 May 2003 14:18:16 GMT

Thanks a lot for your answer!  I have actually found a way-around solution
to my problem a couple of minutes ago.

> Looks like you are close.  The username and password are probably
> character fields in your database, so you would need single quotes
> around the values in your query where clause...
>       <sql:query>
>        select name, password
>          from login
>         where name = '<xsl:value-of select = "$name"/>'
>           and password = '<xsl:value-of select = "$password"/>'
>       </sql:query> 

Unfortunately, this does not work either (I have tried inserting single
quotes).  Maybe it is because I am declaring my map:transform to be of type
sql, not xslt, but I am not sure.

I just make the parameters inside of my xslt transformations available to
the sitemap (by using request action, setting parameters to true and then
saving the values of name and password request parameters in username and
password in the sitemap).

Then I write the following:

<sql:execute-query xmlns:sql="">
	 <sql:query>select name, password from login where name = 
	      '<sql:substitute-value sql:name="username"/>' and password =
	      '<sql:substitute-value sql:name="userpassword"/>'

This works!

> However, usually with authentication you will want to redirect to
> a different page if the credentials are not valid.  That is why it
> is common to use xsp.  It is also possible to have another stylesheet
> after the SQL Transformer to detect an empty result set and display
> an invalid login message.

When you have time, could you please write to me about how to do this (or
where I could look for info)?  I am a new user of TomCat / Cocoon and so far
I still do not know how to do debugging.  It would be nice to see the
results of each transformation on another page / in a file and to see the
values of the variables used.

Thank you very much!

Have a nice day!


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message