forrest-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alex Batlin" <a...@batlin.com>
Subject RE: Dynamic or Static Access Control Lists
Date Sun, 21 Nov 2004 21:33:01 GMT
Thank you all for your responses. As suggested, I have raised an RFE. See
http://issues.cocoondev.org/browse/FOR-385.

I have never used cocoon. I have figured out ant, docbook, xslt processing,
but have not used cocoon beyond forrest, which nicely encapsulates it.

Couple points to consider (from the issue I raised)
1. how much work will be required to extend site.xml and tabs.xml to include
profiling?
2. how does the auth pipeline fit in, do you mean that once the user is
authenticated, user to role mapping is done and user's role profile is then
propagated in the session, and that is what is then used by the profiler?
3. can anything be done for the static site e.g. generate all permutations
of profiled docs, and when the user logs in (say using jscript), the user is
then redirect to the right version of the document? Sounds very much like a
hack, but have not got any other ideas at the moment, so suggestions are
welcome.

Many thanks.

-----Original Message-----
From: Ross Gardler [mailto:rgardler@apache.org] 
Sent: 21 November 2004 13:49
To: dev@forrest.apache.org
Subject: Re: Dynamic or Static Access Control Lists

Thorsten Scherler wrote:
> El dom, 21-11-2004 a las 09:13, Alex Batlin escribió:
> 
>>Has anyone configured Forrest to allow user to provide userid and
>>password, and then generated documents based on their role/group.
>>Document elements can then be tagged with role/group. I am thinking of
>>the way profiling is done in DocCook.
> 
> 
> No, not AFAIK, but it should be quite easy.
> 
> I will need auth as well pretty soon for profiling. You can either beat
> me by sending a patch or hang in there and wait (I guess end of the
> year) till I implemend it.
> 
> Basicly you have to do the following for auth, protected docs and
> profiling:
> 1) create a dir where the protected docs go
> 2) create a auth pipeline where you start the session
> 3) add profiling to the session in your profiling
> 4) change your skin pipelines to display the profiled content

There are a number of authorisation blocks in Cocoon. Take a look at the 
Cocoon docs and their wiki for examples. If you fancy having a go at 
implementing this before it reaches the top of Throsten's ToDo list we 
will be happy to advise on the best approach.

Ross




Mime
View raw message