cocoon-users mailing list archives

From "Sonny Sukumar" <ahimsad...@hotmail.com>
Subject Cocoon 2.1 Auth Bug??? [was "1 more auth question.."]
Date Mon, 25 Aug 2003 18:17:44 GMT


I'm using Cocoon version 2.1, and I downloaded it the day after it was 
officially released a week or two ago.  I don't think it can be anything but 
a bug in Cocoon itself, which is very troubling to me since I need this to 
work.

To reiterate what I think is the bug, the auth-login action doesn't seem to 
work--it just always redirects to the redirect-to document defined in the 
auth handler.

I really would like to know if *anybody* out there is successfully using the 
authentication framework in Cocoon 2.1.  Can anybody in the developer 
community help me out?  Should I join that list and post on there??

Thanks,

Sonny

>
>
>Sonny
>
>I have looked through all of this and I cannot see anything wrong.
>I agree with your comment about the redirect only happening within an
>auth-protect.
>The only thing you are doing differently to me is that you are using
>map:read and I use redirects on success and a full
>generate-transform-serialize process on failure.
>
>Which version of Cocoon are you using? Maybe there is a bug in the
>version you are using???
>
>Andrew
>
>Sonny Sukumar wrote:
> > Hi Andrew,
> >
> > My point was that the login page should never get involved, since no
> > redirect should occur to it using auth-login.  Nevertheless, I must be
> > missing something, so here's my authentication sitemap code in its
> > entirety, including the handler configuration.  Take a look and let me
> > know if you see something amiss.
> >
> >  <map:component-configurations>
> >    ...
> >    <authentication-manager>
> >      <handlers>
> >        <!-- Authenticates site administrators. -->
> >        <handler name="adminAuthHandler">
> >          <redirect-to uri="cocoon:/getAdminLoginPage"/>
> >          <authentication uri="cocoon:/raw:/authenticateAdmin"/>
> >        </handler>
> >      </handlers>
> >    </authentication-manager>
> >    ...
> >  </map:component-configurations>
> >
> >  ...
> >
> >      <!-- Generate and display the login page.-->
> >      <map:match pattern="getAdminLoginPage">
> >        <map:generate src="myapp/xml/adminLogin.xsp" type="serverpages"/>
> >        <map:transform type="session"/>
> >        <map:serialize type="xml"/>
> >      </map:match>
> >
> >      <!-- Try to log in the admin. -->
> >      <map:match pattern="adminLogin">
> >        <map:act type="auth-login">
> >          <map:parameter name="handler" value="adminAuthHandler"/>
> >          <map:parameter name="parameter_userName"
> > value="{request-param:userName}"/>
> >          <map:parameter name="parameter_password"
> > value="{request-param:password}"/>
> >
> >          <map:read src="myapp/html_test/authSucceeded.html"/>
> >        </map:act>
> >
> >        <!-- Authentication failed -->
> >        <map:read src="myapp/html_test/authFailed.html"/>
> >      </map:match>
> >
> >      <!-- My auth resource, as defined in the handler. -->
> >      <map:match pattern="authenticateAdmin">
> >        <map:generate src="myapp/xml/authenticateAdmin.xsp"
> > type="serverpages"/>
> >        <map:serialize type="xml"/>
> >      </map:match>
> >
> >      <map:match pattern="adminLogout">
> >        <map:act type="auth-logout">
> >          <map:parameter name="handler" value="adminAuthHandler"/>
> >          <!--+
> >
> >            | ::UNRESOLVED ISSUE:: SS 08/19/03
> >            |
> >            | Admin logout succeeded, so tell admin in some way, perhaps
> >            | a static page.
> >
> >            +-->
> >        </map:act>
> >
> >        <!--+
> >
> >            | ::UNRESOLVED ISSUE:: SS 08/19/03
> >            |
> >            | Admin logout failed. Is that even possible?  What to do here?
> >
> >            +-->
> >      </map:match>
> >
> >> From: Andrew Timberlake <andrew@timberlake.co.za>
> >> Reply-To: users@cocoon.apache.org
> >> To: users@cocoon.apache.org
> >> Subject: Re: 1 more auth question..
> >> Date: Sun, 24 Aug 2003 12:58:22 +0200
> >>
> >> Sonny
> >>
> >> I've had a look and I'm not sure why this is happening.
> >> There are bits of the sitemap missing which are still part of the auth
> >> process such as your login page itself. Maybe the problem lies there
> >> somewhere???
> >>
> >> Sorry I can't help further.
> >>
> >> Andrew
> >>
> >> Sonny Sukumar wrote:
> >>> Update: I was mistaken before when I said that if the login succeeds,
> >>> the correct html file is shown.  It's not.  Rather, in both cases I'm
> >>> redirected to the pipeline defined in the authentication handler.
> >>>
> >>> To reiterate, this confuses me because I thought no such redirect
> >>> should ever occur with auth-login, but rather only with
> >>> auth-protect.  Again, take a look at the sitemap snippet from my
> >>> original post (below here).
> >>>
> >>> Any insights would be great,
> >>>
> >>> Sonny
> >>>
> >>>> From: "Sonny Sukumar" <ahimsadesi@hotmail.com>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> Hi Andrew,
> >>>>
> >>>> Thanks for that tip.  But there seems to be something else going on
> >>>> as well....
> >>>>
> >>>> If the login succeeds, the correct static html file is shown (see
> >>>> the sitemap snippet I gave before--below), but if it fails then
> >>>> I end up being redirected to the "redirect-to" page defined for the
> >>>> auth handler.  I thought that if the auth-login fails, then it would
> >>>> just read whatever comes after the action (another static html file,
> >>>> for testing at least).
> >>>>
> >>>> To add to the strangeness, the redirected to page (a login page I
> >>>> generate) shows the originally requested URI  (I embed the
> >>>> originally requested URI in the generated login page) as getting the
> >>>> userName and password each **twice**.  Here's what it says is the
> >>>> originally requested URI:
> >>>>
> >>>> /adminLogin?password=test_pwd&userName=test_user&userName=test_user&password=test_pwd
> >>>>
> >>>>
> >>>>
> >>>> The Cocoon documentation doesn't say anything to explain this
> >>>> behavior, but then again it wasn't very clear about the other things
> >>>> either.
> >>>>
> >>>> Do you have any ideas on this?
> >>>>
> >>>> Thanks again,
> >>>>
> >>>> Sonny
> >>>>
> >>>>> From: Andrew Timberlake <andrew@timberlake.co.za>
> >>>>> Reply-To: users@cocoon.apache.org
> >>>>> To: users@cocoon.apache.org
> >>>>> Subject: Re: 1 more auth question..
> >>>>> Date: Sat, 23 Aug 2003 15:34:57 +0200
> >>>>>
> >>>>> Sonny
> >>>>>
> >>>>> Look at this snippet:
> >>>>> <map:parameter name="parameter_userName"
> >>>>>  value="{request-param:userName}"/>
> >>>>> <map:parameter name="parameter_password"
> >>>>>  value="{request-param:password}"/>
> >>>>> Here you are passing two parameters to the auth action named
> >>>>> parameter_userName and parameter_password. The values of each of
> >>>>> these parameters are coming directly from the request parameters via
> >>>>> the request-param input module.
> >>>>>
> >>>>> If you look at the source for the auth-login action
> >>>>> (org.apache.cocoon.webapps.authentication.acting.LoginAction) on
> >>>>> lines 104-107 the action is taking all parameters beginning with
> >>>>> "parameter_" and passing them as parameters to the authentication
> >>>>> resource.
> >>>>> i.e. if you set the above parameters for the auth-login action, they
> >>>>> will be passed to your XSP as two parameters: userName and password
> >>>>> (dropped the "parameter_" bit).
> >>>>> Therefore your XSP code should be similar to the following:
> >>>>> ...
> >>>>> String userName = parameters.getParameter("userName");
> >>>>> String password = parameters.getParameter("password");
> >>>>> ...
> >>>>>
> >>>>> Hope this helps
> >>>>>
> >>>>> Andrew
> >>>>>
> >>>>> Sonny Sukumar wrote:
> >>>>>> Hi all,
> >>>>>>
> >>>>>> I'm not clear on how the authentication resource gets parameters
> >>>>>> that are passed to it from <auth-login>.  My auth resource is an
> >>>>>> XSP, and I try to fetch them as request params.  However, I'm not
> >>>>>> sure if that's correct because I've verified that my auth resource
> >>>>>> produces output matching the <authentication>...</authentication>
> >>>>>> scheme it is supposed to when given request params, but yet the
> >>>>>> <auth-login> always seems to fail.
> >>>>>>
> >>>>>> Here's my sitemap snippet:
> >>>>>>
> >>>>>>    <!-- Try to log in an admin. -->
> >>>>>>    <map:match pattern="adminLogin">
> >>>>>>        <map:act type="auth-login">
> >>>>>>          <map:parameter name="handler" value="adminAuthHandler"/>
> >>>>>>          <map:parameter name="parameter_userName"
> >>>>>> value="{request-param:userName}"/>
> >>>>>>          <map:parameter name="parameter_password"
> >>>>>> value="{request-param:password}"/>
> >>>>>>
> >>>>>>          <!-- Really should be a redirect here, but this is for
> >>>>>> simplicity of illustration.-->
> >>>>>>          <map:read src="myapp/authSuccessful.html"/>
> >>>>>>        </map:act>
> >>>>>>
> >>>>>>        <!-- Authentication failed -->
> >>>>>>        <map:read src="myapp/authFailed.html"/>
> >>>>>>    </map:match>
> >>>>>>
> >>>>>>    <!-- Auth resource -->
> >>>>>>    <map:match pattern="authenticateAdmin">
> >>>>>>        <map:generate src="redpouch/xml/authenticateAdmin.xsp"
> >>>>>> type="serverpages"/>
> >>>>>>        <map:serialize type="xml"/>
> >>>>>>    </map:match>
> >>>>>>
> >>>>>> Here's my handler declaration:
> >>>>>>
> >>>>>> <!-- Authenticates site administrators. -->
> >>>>>> <handler name="adminAuthHandler">
> >>>>>>  <redirect-to uri="cocoon:/getAdminLoginPage"/>
> >>>>>>  <authentication uri="cocoon:/raw:/authenticateAdmin"/>
> >>>>>> </handler>
> >>>>>>
> >>>>>> So I try to do 'request.getParameter("userName")' and
> >>>>>> 'request.getParameter("password")' in my XSP (i.e. my auth
> >>>>>> resource), but authFailed.html is **always** shown, whether or not
> >>>>>> the user name/password combination is valid.
> >>>>>>
> >>>>>> I also still don't quite understand why the 'raw:/' subprotocol
> >>>>>> needs to be used in the <authentication> tag in the handler.  It
> >>>>>> is that way in the docs, but I tried both with and without it, and
> >>>>>> the auth fails no matter what.
> >>>>>>
> >>>>>> I'd appreciate any hints. :-)
> >>>>>>
> >>>>>> Sonny
> >>>>>>
> >>>>>> ---------------------------------------------------------------------
> >>>>>> To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
> >>>>>> For additional commands, e-mail: users-help@cocoon.apache.org
