cocoon-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Thomas Soddemann <soddem...@rzg.mpg.de>
Subject Re: Restrict access to parts of sitemap
Date Thu, 20 Jul 2006 19:57:42 GMT
Andrew Stevens wrote:
>
> Another possibility - you could always use the J2EE container-provided 
> security and add a security-constraint to your web.xml for 
> <url-pattern>/buildindex</url-pattern>.  That might be simpler than 
> learning the authentication framework or acegi if don't need to 
> authenticate users in the rest of your site.
>
Hi Andrew,

what do you mean by "if [you] don't need to authenticate ..."?
The remoteUser property is set in the HttpRequest if a user is 
authenticated and can e.g. be used for authorization (apart from the 
configurational authorization you have already mentioned). Depending on 
the security modul employed, additional informations are "shipped" with 
each HttpRequest or set in the session.

Thomas

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org


Mime
View raw message