cocoon-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Cocoon User" <>
Subject Re: Authentication Framework: Separate pipelines required for public versus priv
Date Tue, 02 Aug 2005 14:46:11 GMT
Thanks for your response.

I actually found a solution. Using a parameter selector I can choose to 
auth-protect or not.  Therefore,the same pipeline can be protected or not 
protected based on whether the page is public or private.. This works. I 
have tested it. However I have some larger design questions that may cause 
me to not go this way at all.


>From: Sami Rajala <>
>Reply-To: Sami Rajala <>
>Subject: Re: Authentication Framework: Separate pipelines required for 
>public versus private?
>Date: Thu, 28 Jul 2005 12:18:38 +0300
>It depends how you match your pages in the pipeline. Authentication fw
>(both action and flow based) allows you to protect for example a
>single match element:
><map:match pattern="protectedresource">
>   <map:act type="auth-protect">
>     <map:parameter name="handler" value="portalhandler"/>
>     <map:generate src="source/resource.xml"/>
>     <map:serialize type="xml"/>
>   </map:act>
>the example is from auth fw documentation found here:
>In the example the document is surrounded by auth-protect action and
>demands that the user is authenticated against portalhandler. If you
>remove the surrounding map:act element, no authentication is needed.
>Same goes with flow, though the syntax is slightly different.
>On 7/27/05, Cocoon User <> wrote:
> > Our site is very data driven. Because we didn't think it mattered, and 
> > was simple, we designed it so the same pipeline is used for all pages 
> > a few exceptions). So the sitemap currenlty  doesn't know and doesn't 
> > whats public and private. The database contriols what pages are public 
> > private.
> >
> > We are just now looking into authentication and I am worried that the
> > separation of public and private pages need to occur in the sitemap in 
> > for this to work and therefore, having the same pipeline for both is 
> > to be problematic. As it stands now, if I was to put an authentication
> > handler around my pipeline that handles all pages, then all pages that 
> > to that pipeline will be treated as private.
> >
> > I do not know if its possible to use the Cocoon authentication framework 
> > still have the same pipeline deal with public and private pages. Does 
> > know?
> >
> > _________________________________________________________________
> > On the road to retirement? Check out MSN Life Events for advice on how 
> > get there!
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail:
> > For additional commands, e-mail:
> >
> >
>To unsubscribe, e-mail:
>For additional commands, e-mail:

Express yourself instantly with MSN Messenger! Download today - it's FREE!

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message