cocoon-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mike Dickson" <>
Subject RE: Security and Authentication
Date Fri, 18 Nov 2005 00:34:30 GMT
{request:remoteUser} worked!  I thank you for your time.


For the record:

              <map:match pattern="user/home">

                    <map:generate src="transform/user/home.xml"/>

                    <map:transform src="transform/user/home.xsl">

                        <map:parameter name="use-request-parameters"

                        <map:parameter name="use-session-info"

                        <map:parameter name="remoteUser"


                    <map:transform type="encodeURL"/>

                    <map:serialize type="html"/>



One note:  I have spent three days looking around the Internet to solve
this.  I am sure many people need to know the answer to this question.  I
hope someone that has control of the docs can add something.  Otherwise,
this post may help out.


Mike D.


-----Original Message-----
From: Andrew Stevens [] 
Sent: Thursday, November 17, 2005 4:17 PM
Subject: RE: Security and Authentication


>From: "Mike Dickson" <>

>Date: Thu, 17 Nov 2005 12:31:35 -0800


>What data does Tomcat forward to Cocoon so I can tell which user has just

>logged in? I need to look up their data and have it ready for the user home

>page.  (What variables are handed to Cocoon to work with?  JSESSIONID?  How

>do I get at them? {request-param:..}?)


I haven't checked what's currently available in CVS, but in one of our 

projects a while back I just modified the request parameter action (I think)

to put the getRemoteUser() value in an extra entry in the returned map.  

Then I just used that in the sitemap with {remoteUser}.

Another possibility (for which I submitted a patch - #35051 in bugzilla) is 

to add it to the request generator output.  I have a vague feeling you can 

also access it with the request input module ({request:remoteUser} maybe?) 

though I might be wrong about that.


There's also a patch in bugzilla (#32164) that fixes the broken 

RoleFilterTransformer, so you can make use of isUserInRole() privileges.








To unsubscribe, e-mail:

For additional commands, e-mail:

View raw message