cocoon-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bertrand Delacretaz" <>
Subject Re: Restrict access to parts of sitemap
Date Thu, 20 Jul 2006 08:13:06 GMT
On 7/19/06, <> wrote:

> ...<map:match pattern="buildIndex">
>         <map:generate src="http://localhost:8080//index.xml
> "/>...

> ...which means every (outside) user could be able to start the index when
> calling buildIndex. I would like to avoid that. Question is: how? ..

The clean and safest way is to use Cocoon's authentication framework
to require authentication before accessing buildindex.

But you could also:

a) check the client's IP address and allow only requests from
localhost to buildindex (if you're using a reverse proxy in front of
Cocoon you'll get this via the X-Forwarded-For header, which you can
check with a WildcardHeaderMatcher, but see

b) use security by obscurity and use a hard go guess URL instead of
buildindex. It's not really safe but the risks are not very high
either if it's just for index creation


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message