cocoon-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Konovalov <oleg...@yahoo.com>
Subject Access to user role
Date Fri, 10 Jun 2005 17:55:58 GMT
Hi,

I am modifying somebody else's Cocoon application.
I need to disallow users with some specific role
to see certain parts of the screen (pseudo-menu).

An existing mechanism for that is:
<xsl:variable name='isUser'
select='/root/secure:securityProfile/secure:roles/secure:role[.="mbr-user"]'/>

...

<xsl:if test='not($isUser)'> 	
  <td><a href="sil/main_sil" target="_parent"> 
    <img src="images/common/sitenav.gif" width="114" height="45"
border="0" /></a></td>
</xsl:if>	

That "mbr-user" role is configured in web.xml & database,
the user has this role [defined in the database].

That seems to work on initial page [index.xsl],
but doesn't work on subsequent pages (in another folder).

Any clues why it doesn't and how to fix that?
(everything else works fine)

Thank you in advance,
Oleg.

--- Oleg Konovalov <olegkon@yahoo.com> wrote:

> Hi,
> 
> I am trying to configure my Cocoon application
> so that particular role has access only to
> the app root [login.xsl, index.xsl]
> but not to other directories.
> 
> But is seems that as soon as I put "/" or "/*",
> it gets access to all directories under the root.
> 
> Snippet from web.xml:
> <security-constraint>
>      <web-resource-collection>
>         <web-resource-name>App Root only</web-resource-name>
> 	<url-pattern>/*</url-pattern>
>      </web-resource-collection>
>      <auth-constraint>	
> 	<role-name>role1</role-name>	
>      </auth-constraint>
>   </security-constraint>
> 
> How do I restrict access to the root only ?
> 
> 
> Thank you in advance,
> Oleg.
> 
>
---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
> For additional commands, e-mail: users-help@cocoon.apache.org
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org


Mime
View raw message