Return-Path: 
 <cocoon-users-return-50269-apmail-xml-cocoon-users-archive=xml.apache.org@xml.apache.org>
Delivered-To: apmail-xml-cocoon-users-archive@xml.apache.org
Received: (qmail 86882 invoked by uid 500); 7 May 2003 14:07:57 -0000
Mailing-List: contact cocoon-users-help@xml.apache.org; run by ezmlm
Precedence: bulk
list-help: <mailto:cocoon-users-help@xml.apache.org>
list-unsubscribe: <mailto:cocoon-users-unsubscribe@xml.apache.org>
list-post: <mailto:cocoon-users@xml.apache.org>
Reply-To: cocoon-users@xml.apache.org
Delivered-To: mailing list cocoon-users@xml.apache.org
Received: (qmail 86829 invoked from network); 7 May 2003 14:07:56 -0000
Received: from unknown (HELO dino.envworld.com) (12.23.84.3)
  by daedalus.apache.org with SMTP; 7 May 2003 14:07:56 -0000
Received: by dino.envworld with Internet Mail Service (5.5.2653.19)
	id <KLKC0VRN>; Wed, 7 May 2003 08:05:58 -0600
Message-ID: <84D81C785031CA40BDA31E9FFC7AA1AD9AC2E6@dino.envworld>
From: Jeff Sallade <JeffS@envworld.com>
To: "'cocoon-users@xml.apache.org'" <cocoon-users@xml.apache.org>
Subject: RE: Authentication framework: SQL question.
Date: Wed, 7 May 2003 08:05:57 -0600 
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
Content-Type: text/plain;
	charset="iso-8859-1"
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N

Irina,

Looks like you are close.  The username and password are probably
character fields in your database, so you would need single quotes
around the values in your query where clause...

      <sql:query>
       select name, password
         from login
        where name = '<xsl:value-of select = "$name"/>'
          and password = '<xsl:value-of select = "$password"/>'
      </sql:query> 

However, usually with authentication you will want to redirect to
a different page if the credentials are not valid.  That is why it
is common to use xsp.  It is also possible to have another stylesheet
after the SQL Transformer to detect an empty result set and display
an invalid login message.

Jeff

-----Original Message-----
From: Kogan Irina [mailto:Irina.Kogan@mchp.siemens.de]
Sent: Tuesday, May 06, 2003 9:33 AM
To: cocoon-users@xml.apache.org
Subject: Authentication framework: SQL question.


Hello everybody,

I am using TomCat and the authentication framework in Cocoon.  Does anybody
know how I can read names and passwords from the database and to compare
them to the request parameters?  I am trying to do the following in my
stylesheet called insertparameters.xsl (XSLT transformations):

...

<xsl:param name="name"/>
<xsl:param name="password"/>


...

<sql:execute-query xmlns:sql="http://apache.org/cocoon/SQL/2.0">
       <sql:query>select name, password from login where name =
<xsl:value-of select =    "$name"/> and password = <xsl:value-of select =
"$password"/>
       </sql:query> 
</sql:execute-query>

...

(And I am specifying this in my sitemap:
<map:transform src="stylesheets/insertparameters.xsl"/>
<map:transform type="sql" >
      <map:parameter name="use-connection" value="dbtest" />
      <map:parameter name="use-request-parameters" value="true"/> 
</map:transform>  
)

This query seems to always have an empty set as an answer (even though
without the where close it works properly).  Am I getting the value of the
request parameter incorrectly? "{$name}" or saving the result of the request
parameter in the sql:parameter and then acessing it through @ did not work
either.  How can I fix this problem?  

Does anybody have any examples for this kind of SQL statements (preferably
the ones for authentication framework)?

Thanks a lot!  I really appreciate your help!

Irina. 

---------------------------------------------------------------------
To unsubscribe, e-mail: cocoon-users-unsubscribe@xml.apache.org
For additional commands, e-mail: cocoon-users-help@xml.apache.org

---------------------------------------------------------------------
To unsubscribe, e-mail: cocoon-users-unsubscribe@xml.apache.org
For additional commands, e-mail: cocoon-users-help@xml.apache.org