cocoon-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Konovalov <oleg...@yahoo.com>
Subject Re: Access to user role
Date Fri, 10 Jun 2005 19:05:30 GMT
I just checked: on that non-initial page (xslt/common.xsl) the
value of variable isUser is an empty string.

What is that:
/root/secure:securityProfile/secure:roles/secure:role[.="mbr-user"]'
  ?
Is that a page parameter, securityProfile or retrieved from the
database?  Any pointers ?

I am new to Cocoon and XSLT.

Thank you in advance,
Oleg.

--- Oleg Konovalov <olegkon@yahoo.com> wrote:

> Hi,
> 
> I am modifying somebody else's Cocoon application.
> I need to disallow users with some specific role
> to see certain parts of the screen (pseudo-menu).
> 
> An existing mechanism for that is:
> <xsl:variable name='isUser'
>
select='/root/secure:securityProfile/secure:roles/secure:role[.="mbr-user"]'/>
> 
> ...
> 
> <xsl:if test='not($isUser)'> 	
>   <td><a href="sil/main_sil" target="_parent"> 
>     <img src="images/common/sitenav.gif" width="114"
> height="45"
> border="0" /></a></td>
> </xsl:if>	
> 
> That "mbr-user" role is configured in web.xml & database,
> the user has this role [defined in the database].
> 
> That seems to work on initial page [index.xsl],
> but doesn't work on subsequent pages (in another folder).
> 
> Any clues why it doesn't and how to fix that?
> (everything else works fine)
> 
> Thank you in advance,
> Oleg.
> 
> --- Oleg Konovalov <olegkon@yahoo.com> wrote:
> 
> > Hi,
> > 
> > I am trying to configure my Cocoon application
> > so that particular role has access only to
> > the app root [login.xsl, index.xsl]
> > but not to other directories.
> > 
> > But is seems that as soon as I put "/" or "/*",
> > it gets access to all directories under the root.
> > 
> > Snippet from web.xml:
> > <security-constraint>
> >      <web-resource-collection>
> >         <web-resource-name>App Root only</web-resource-name>
> > 	<url-pattern>/*</url-pattern>
> >      </web-resource-collection>
> >      <auth-constraint>	
> > 	<role-name>role1</role-name>	
> >      </auth-constraint>
> >   </security-constraint>
> > 
> > How do I restrict access to the root only ?
> > 
> > 
> > Thank you in advance,
> > Oleg.
> > 
> >
>
---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
> > For additional commands, e-mail:
> users-help@cocoon.apache.org
> > 
> > 
> 
> 
>
---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
> For additional commands, e-mail: users-help@cocoon.apache.org
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org


Mime
View raw message