cocoon-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sandor Spruit <san...@cs.uu.nl>
Subject Re: Refined authentication: directory open for users, subdirectory for subgroup of users?
Date Wed, 19 Nov 2003 14:34:33 GMT
Carsten Ziegeler wrote:
> Just an idea how to solve this:
> - during authentication you can pass the group information in the XML
>   that is stored in the session.
> - you can then write a "is-in-group"-selector and use that in the sitemap.
> So if someone wants to access students/group 2, the selector looks in the
> authentication xml stored in the session and grants only access if the
> user is in the appropriate role.

Thanks for your suggestions.

Let me try to rephrase this to see if I understand what you mean:
* I use auth-actions to protect my top-level "students" directory;
* The actions fetch XML-encoded authentication info from someplace;
* Relevant user info, e.g. group membership, moves into session objects;
* I use the session info in a selector, enclosed in the auth-actions;
* The selector redirects, either to the protected document or login;

Right?

Sandor
--
Information and Computing Sciences, Utrecht University
Contact information, see: http://www.cs.uu.nl/people/sandor/
"Our minds are harnessed by knowledge, by the hill and the will
to succeed". From: Fish, "Vigil in a wilderness of mirrors"






---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org


Mime
View raw message