Another fw-auth question

Return-Path: Delivered-To: apmail-cocoon-users-archive@www.apache.org Received: (qmail 87040 invoked from network); 12 Jan 2005 09:07:46 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur-2.apache.org with SMTP; 12 Jan 2005 09:07:46 -0000 Received: (qmail 92698 invoked by uid 500); 12 Jan 2005 09:07:39 -0000 Delivered-To: apmail-cocoon-users-archive@cocoon.apache.org Received: (qmail 92669 invoked by uid 500); 12 Jan 2005 09:07:38 -0000 Mailing-List: contact users-help@cocoon.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: list-post: Reply-To: users@cocoon.apache.org Delivered-To: mailing list users@cocoon.apache.org Received: (qmail 92654 invoked by uid 99); 12 Jan 2005 09:07:38 -0000 X-ASF-Spam-Status: No, hits=0.2 required=10.0 tests=HTML_MESSAGE,HTML_TEXT_AFTER_BODY X-Spam-Check-By: apache.org Received-SPF: pass (hermes.apache.org: local policy) Received: from spambuster.realise.com (HELO spambuster.realise.com) (195.188.8.70) by apache.org (qpsmtpd/0.28) with ESMTP; Wed, 12 Jan 2005 01:07:38 -0800 Received: from webmail2.ad.realise.com ([195.188.8.82]) by spambuster.realise.com with Microsoft SMTPSVC(5.0.2195.6713); Wed, 12 Jan 2005 09:07:15 +0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1441 Content-Class: urn:content-classes:message MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C4F886.1C752F04" Disposition-Notification-To: "Jon Tonberg" Subject: Another fw-auth question Date: Wed, 12 Jan 2005 09:07:15 -0000 Message-ID: <135F70D26B6D694687F243DA7411548A407DED@webmail2.ad.realise.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Another fw-auth question Thread-Index: AcT4hhw6Ojf6/OMcT8GKJ4jDJoKADA== From: "Jon Tonberg" To: X-OriginalArrivalTime: 12 Jan 2005 09:07:15.0894 (UTC) FILETIME=[1C658D60:01C4F886] X-Virus-Checked: Checked X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N ------_=_NextPart_001_01C4F886.1C752F04 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Hello all I apologise in advance for the length of this email, but I'm at the = "pulling hair out stage" with this one. =20 I wonder if anyone can help me out here - I'm having problems with = authentication in Cocoon 2.1.6, (under Tomcat 4.1, Java 1.4.1). In the past, I've successfully implemented sunrise authentication in = previous versions of Cocoon (e.g. 2.0.4) but am struggling with one = particular issue under 2.1.6. I am using an XSP to implement my authentication handler. My specific = problem is that the handler match cannot read the {request-param:XXX} = parameters or any sitemap parameters instantiated by the login match. =20 The login match can see the request parameters POSTed from the login = page, but if I then instantiate those as sitemap parameters, they cannot = be read by the subsequent handler match. Incidentally, if I hardcode the parameters in the handler match, the XSP = runs correctly and authenticates using the hardcoded parameters, so it = is not an XSP problem. The XSP tries to pick up the sitemap parameters = (e.g. username and password). I have also tried to pick up the request = object parameters from within the XSP - this does not work. I don't remember having this issue with 2.0.4, but it's highly likely = that I'm doing something silly here and just can't see it. Any pointers = would be very welcome - I've trawled the mailing list archives, docs and = wiki but don't seem to be getting any further. To illustrate, here are some relevant snippets from my sitemap: -

=09 =09 =09 =20 =20 =09 =09

Regards, jon This electronic message contains information which may be privileged and = confidential. The information is intended to be for the use of the = individual(s) or entity named above. If you are not the intended = recipient, be aware that any disclosure, copying, distribution or use of = the contents of this information is prohibited. If you have received = this electronic message in error, please notify us by telephone on 0131 = 476 6000 and delete the material from your computer. ------_=_NextPart_001_01C4F886.1C752F04 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Another fw-auth question

Hello all

I apologise in advance for the length = of this email, but I'm at the "pulling hair out stage" with = this one.

I wonder if anyone can help me out = here - I'm having problems with authentication in Cocoon 2.1.6, (under = Tomcat 4.1, Java 1.4.1).

In the past, I've successfully = implemented sunrise authentication in previous versions of Cocoon (e.g. = 2.0.4) but am struggling with one particular issue under = 2.1.6.

I am using an XSP to implement my = authentication handler. My specific problem is that the handler = match cannot read the {request-param:XXX} parameters or any sitemap = parameters instantiated by the login match.

The login match can see the request = parameters POSTed from the login page, but if I then instantiate those = as sitemap parameters, they cannot be read by the subsequent handler = match.

Incidentally, if I hardcode the = parameters in the handler match, the XSP runs correctly and = authenticates using the hardcoded parameters, so it is not an XSP = problem. The XSP tries to pick up the sitemap parameters (e.g. = username and password). I have also tried to pick up the request = object parameters from within the XSP - this does not work.

I don't remember having this issue = with 2.0.4, but it's highly likely that I'm doing something silly here = and just can't see it. Any pointers would be very welcome - I've = trawled the mailing list archives, docs and wiki but don't seem to be = getting any further.

To illustrate, here are some relevant = snippets from my sitemap: -

<authentication-manager>
        <handlers>
        =         <handler name=3D"auth-handler">
        =         =         
        =         =         <redirect-to = uri=3D"cocoon:/login-page"/>
        =         =         
        =         =         <authentication = uri=3D"cocoon:raw:/auth-user"/>
        =         </handler>
        </handlers>
</authentication-manager>

<map:pipeline = internal-only=3D"true">
        
        <map:match = pattern=3D"auth-user">
        =         <map:generate type=3D"serverpages" = src=3D"serverpages/auth-user.xsp">

=         =         
        =         =

=         =         
        =         =        =20
        =         =

=         =         <map:parameter name=3D"param_username" = value=3D"{param_username}"/>
        =         =         <map:parameter name=3D"param_password" = value=3D"{param_username}"/>
        =         =        =20
        =         =

=         =         
        =         </map:generate>
        =         <map:serialize type=3D"xml"/>
        </map:match>
</map:pipeline>

<map:pipeline>
=20

        <map:match = pattern=3D"login-page">
        =         <map:generate = src=3D"deployed/xml/login.xml"/>
        =         <map:transform type=3D"xslt" = src=3D"stylesheets/application/login.xsl">
        =         =         <map:parameter name=3D"param_resource" = value=3D"{request-param:resource}"/>
        =         =         <map:parameter name=3D"param_username" = value=3D""/>
        =         =         <map:parameter name=3D"param_fail" = value=3D"false"/>
        =         </map:transform>
        =         <map:serialize type=3D"xhtml"/>
        </map:match>

        <map:match = pattern=3D"login-page-fail">
        =         <map:generate = src=3D"deployed/xml/login.xml"/>
        =         <map:transform type=3D"xslt" = src=3D"stylesheets/application/login.xsl">
        =         =         <map:parameter name=3D"param_username" = value=3D"{request-param:username}"/>
        =         =         <map:parameter name=3D"param_resource" = value=3D"{request-param:resource}"/>
        =         =         <map:parameter name=3D"param_fail" = value=3D"true"/>
        =         </map:transform>
        =         <map:serialize type=3D"xhtml"/>
        </map:match>    =         =

<map:match pattern=3D"login">
        =         <map:act type=3D"auth-login">
        =         =         <map:parameter name=3D"handler" = value=3D"auth-handler"/>
        =         =         
        =         =         <map:parameter name=3D"param_username" = value=3D"{request-param:username}"/>
        =         =         <map:parameter name=3D"param_password" = value=3D"{request-param:password}"/> =         =
        =         =         
        =         =         <map:redirect-to = uri=3D"{request-param:resource}"/>
        =         </map:act>
        =         
        =         <map:redirect-to = uri=3D"cocoon:/login-page-fail"/>
        </map:match>

=

<map:match = pattern=3D"index.html">
        =         <map:act type=3D"auth-protect">
        =         =         <map:parameter name=3D"handler" = value=3D"auth-handler"/>
        =         =         
        =         </map:act>
        </map:match>
</map:pipeline>

Regards,
jon

This = electronic message contains information which may be privileged and = confidential. The information is intended to be for the use of the = individual(s) or entity named above. If you are not the intended = recipient, be aware that any disclosure, copying, distribution or use of = the contents of this information is prohibited. If you have received = this electronic message in error, please notify us by telephone on 0131 = 476 6000 and delete the material from your computer.

------_=_NextPart_001_01C4F886.1C752F04--