cocoon-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From e nio <enio...@yahoo.com>
Subject Re: Cocoon 2.1 Auth Bug??? [was "1 more auth question.."]
Date Mon, 25 Aug 2003 18:51:54 GMT
Have you tried this excellent sample from Lajoz?
http://www.javaworld.com/javaworld/jw-09-2002/jw-0920-cocoon_p.html
This work for me on 2.1m2 and the newest 2.1 release.

enio
--- Sonny Sukumar <ahimsadesi@hotmail.com> wrote:
> 
> 
> I'm using Cocoon version 2.1, and I downloaded it the day
> after it was 
> officially released a week or two ago.  I don't think it can
> be anything but 
> a bug in Cocoon itself, which is very troubling to me since I
> need this to 
> work.
> 
> To reiterate what I think is the bug, the auth-login action
> doesn't seem to 
> work--it just always redirects to the redirect-to document
> defined in the 
> auth handler.
> 
> I really would like to know if *anybody* out there is
> successfully using the 
> authentication framework in Cocoon 2.1.  Can anybody in the
> developer 
> community help me out?  Should I join that list and post on
> there??
> 
> Thanks,
> 
> Sonny
> 
> >
> >
> >Sonny
> >
> >I have looked through all of this and I cannot see anything
> wrong.
> >I agree with your comment about the redirect only happening
> within an
> >auth-prodect.
> >The only thing you are doing differently to me is that you
> are using
> >map:read and I use redirects on success and a full
> >generate-transform-serialize process on failure.
> >
> >Which version of Cocoon are you using? Maybe there is a bug
> in the
> >version you are using???
> >
> >Andrew
> >
> >Sonny Sukumar wrote:
> > > Hi Andrew,
> > >
> > > My point was that the login page should never get
> involved, since no
> > > redirect should occur to it using auth-login. 
> Neverthless, I must be
> > > missing something, so here's my authentication sitemap
> code in its
> > > entirety, including the handler configuration.  Take a
> look and let me
> > > know if you see something amiss.
> > >
> > >  <map:component-configurations>
> > >    ...
> > >    <authentication-manager>
> > >      <handlers>
> > >        <!-- Authenticates site administrators. -->
> > >        <handler name="adminAuthHandler">
> > >          <redirect-to uri="cocoon:/getAdminLoginPage"/>
> > >          <authentication
> uri="cocoon:/raw:/authenticateAdmin"/>
> > >        </handler>
> > >      </handlers>
> > >    </authentication-manager>
> > >    ...
> > >  </map:component-configurations>
> > >
> > >  ...
> > >
> > >      <!-- Generate and display the login page.-->
> > >      <map:match pattern="getAdminLoginPage">
> > >        <map:generate src="myapp/xml/adminLogin.xsp"
> type="serverpages"/>
> > >        <map:transform type="session"/>
> > >        <map:serialize type="xml"/>
> > >      </map:match>
> > >
> > >      <!-- Try to log in the admin. -->
> > >      <map:match pattern="adminLogin">
> > >        <map:act type="auth-login">
> > >          <map:parameter name="handler"
> value="adminAuthHandler"/>
> > >          <map:parameter name="parameter_userName"
> > > value="{request-param:userName}"/>
> > >          <map:parameter name="parameter_password"
> > > value="{request-param:password}"/>
> > >
> > >          <map:read
> src="myapp/html_test/authSucceeded.html"/>
> > >        </map:act>
> > >
> > >        <!-- Authentication failed -->
> > >        <map:read src="myapp/html_test/authFailed.html"/>
> > >      </map:match>
> > >
> > >      <!-- My auth resource, as defined in the handler. -->
> > >      <map:match pattern="authenticateAdmin">
> > >        <map:generate src="myapp/xml/authenticateAdmin.xsp"
> > > type="serverpages"/>
> > >        <map:serialize type="xml"/>
> > >      </map:match>
> > >
> > >      <map:match pattern="adminLogout">
> > >        <map:act type="auth-logout">
> > >          <map:parameter name="handler"
> value="adminAuthHandler"/>
> > >          <!--+
> > >
> > >            | ::UNRESOLVED ISSUE:: SS 08/19/03
> > >            |
> > >            | Admin logout succeeded, so tell admin in some
> way, perhaps
> > >            | a static page.
> > >
> > >            +-->
> > >        </map:act>
> > >
> > >        <!--+
> > >
> > >            | ::UNRESOLVED ISSUE:: SS 08/19/03
> > >            |
> > >            | Admin logout failed. Is that even possible? 
> What to do 
> >here?
> > >
> > >            +-->
> > >      </map:match>
> > >
> > >> From: Andrew Timberlake <andrew@timberlake.co.za>
> > >> Reply-To: users@cocoon.apache.org
> > >> To: users@cocoon.apache.org
> > >> Subject: Re: 1 more auth question..
> > >> Date: Sun, 24 Aug 2003 12:58:22 +0200
> > >>
> > >> Sonny
> > >>
> > >> I've had a look and I'm not sure why this is happenning.
> > >> There are bits of the sitemap missing which are still
> part of the auth
> > >> process such as your login page itself. Maybe the problem
> lies there
> > >> somewhere???
> > >>
> > >> Sorry I can't help further.
> > >>
> > >> Andrew
> > >>
> > >> Sonny Sukumar wrote:
> > >>> Update: I was mistake before when I said that if the
> login suceeds,
> > >>> the correct html file is shown.  It's not.  Rather, in
> both cases I'm
> > >>> redirected to the pipeline defined in the authentication
> handler.
> > >>>
> > >>> To reiterate, this confuses me because I thought no such
> redirect
> > >>> should ever occur with auth-login, but rather only with
> > >>> auth-protect.  Again, take a look at the sitemap snippet
> from my
> > >>> original post (below here).
> > >>>
> > >>> Any insights would be great,
> > >>>
> > >>> Sonny
> > >>>
> > >>>> From: "Sonny Sukumar" <ahimsadesi@hotmail.com>
> > >>>>
> > >>>>
> > >>>>
> > >>>>
> > >>>>
> > >>>> Hi Andrew,
> > >>>>
> > >>>> Thanks for that tip.  But there seems to be something
> else going on
> > >>>> as well....
> > >>>>
> > >>>> If the login succeeds, the correct static html file is
> shown (see
> > >>>> the the sitemap snippet I gave before--below), but if
> it fails then
> > >>>> I end up being redirected to the "redirect-to" page
> defined for the
> > >>>> auth handler.  I thought that if the auth-login fails,
> then it would
> > >>>> just read whatever comes after the action (another
> static html file,
> > >>>> for testing at least).
> > >>>>
> > >>>> To add to the strangeness, the redirected to page (a
> login page I
> > >>>> generate) shows the originally requested URI  (I embed
> the
> 
=== message truncated ===


__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org


Mime
View raw message