Return-Path: Delivered-To: apmail-cocoon-users-archive@cocoon.apache.org Received: (qmail 53918 invoked by uid 500); 24 Aug 2003 01:16:53 -0000 Mailing-List: contact users-help@cocoon.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: list-post: Reply-To: users@cocoon.apache.org Delivered-To: mailing list users@cocoon.apache.org Received: (qmail 53889 invoked from network); 24 Aug 2003 01:16:52 -0000 Received: from law10-f98.law10.hotmail.com (HELO hotmail.com) (64.4.15.98) by daedalus.apache.org with SMTP; 24 Aug 2003 01:16:52 -0000 Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Sat, 23 Aug 2003 17:27:58 -0700 Received: from 66.214.9.64 by lw10fd.law10.hotmail.msn.com with HTTP; Sun, 24 Aug 2003 00:27:58 GMT X-Originating-IP: [66.214.9.64] X-Originating-Email: [ahimsadesi@hotmail.com] Reply-To: ssukumar@ecologyfund.net From: "Sonny Sukumar" To: users@cocoon.apache.org Bcc: Subject: Re: 1 more auth question.. Date: Sat, 23 Aug 2003 17:27:58 -0700 Mime-Version: 1.0 Content-Type: text/plain; format=flowed Message-ID: X-OriginalArrivalTime: 24 Aug 2003 00:27:58.0506 (UTC) FILETIME=[91B630A0:01C369D6] X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N Hi Andrew, Thanks for that tip. But there seems to be something else going on as well.... If the login succeeds, the correct static html file is shown (see the the sitemap snippet I gave before--below), but if it fails then I end up being redirected to the "redirect-to" page defined for the auth handler. I thought that if the auth-login fails, then it would just read whatever comes after the action (another static html file, for testing at least). To add to the strangeness, the redirected to page (a login page I generate) shows the originally requested URI (I embed the originally requested URI in the generated login page) as getting the userName and password each **twice**. Here's what it says is the originally requested URI: /adminLogin?password=test_pwd&userName=test_user&userName=test_user&password=test_pwd The Cocoon documentation doesn't say anything to explain this behavior, but then again it wasn't very clear about the other things either. Do you have any ideas on this? Thanks again, Sonny >From: Andrew Timberlake >Reply-To: users@cocoon.apache.org >To: users@cocoon.apache.org >Subject: Re: 1 more auth question.. >Date: Sat, 23 Aug 2003 15:34:57 +0200 > >Sonny > >Look at this snippet: > value="{request-param:userName}"/> > value="{request-param:password}"/> >Here you are passing two parameters to the auth action named >parameter_userName and parameter_password. The values of each of these >parameters is coming directly from the request parameters via the >request-param input module. > >If you look at the source for the auth-login action >(org.apache.cocoon.webapps.authentication.acting.LoginAction) on lines >104-107 the action is taking all parameters beginning with "parameter_" and >passing them as parameters to the authentication resource. >ie. if you set the above parameters for the auth-login action, they will be >passed to your XSP as two parameters: userName and password (dropped the >"parameter_" bit. >Therefore your XSP code should be similar to the following: >... >String userName = parameters.getParameter("userName"); >String password = parameters.getParameter("password"); >... > >Hope this helps > >Andrew > >Sonny Sukumar wrote: >> >>Hi all, >> >>I'm not clear on how the authentication resource gets parameters that are >>passed to it from . My auth resource is an XSP, and I try to >>fetch them as request params. However, I'm not sure if that's correct >>because I've verified that my auth resource produces output matching the >>... scheme it is supposed to when given >>request params, but yet the always seems to fail. >> >>Here's my sitemap snippet: >> >> >> >> >> >> >value="{request-param:userName}"/> >> >value="{request-param:password}"/> >> >> >> >> >> >> >> >> >> >> >> >> >type="serverpages"/> >> >> >> >>Here's my handler declaration: >> >> >> >> >> >> >> >>So I try to do 'request.getParameter("userName")' and >>'request.getParameter("password")' in my XSP (i.e. my auth resource), but >>authFailed.html is **always** shown, whether or not the user name/password >>combination is valid. >> >>I also still don't quite understand why the 'raw:/' subprotocol needs to >>be used in the tag in the handler. It is that way in the >>docs, but I tried both with and without it, and the auth fails no matter >>what. >> >>I'd appreciate any hints. :-) >> >>Sonny >> >>_________________________________________________________________ >>MSN 8: Get 6 months for $9.95/month. http://join.msn.com/?page=dept/dialup >> >> >>--------------------------------------------------------------------- >>To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org >>For additional commands, e-mail: users-help@cocoon.apache.org >> >> > > >--------------------------------------------------------------------- >To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org >For additional commands, e-mail: users-help@cocoon.apache.org > _________________________________________________________________ MSN 8: Get 6 months for $9.95/month. http://join.msn.com/?page=dept/dialup --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org For additional commands, e-mail: users-help@cocoon.apache.org