forrest-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gunther Sablon <Gunther.Sab...@luciad.com>
Subject Re: access control - user roles by sitemap
Date Wed, 21 Dec 2005 09:32:04 GMT
Dear Helena,
- the specification of the mechanism for authentication is specified in 
server.xml. 
In particular, look for the different example realm sections.
- the specification of the authorisation can be specified in web.xml. 
In particular, in the security-constraint section you can specify
a) a web-resource-collection section which specifies a url-pattern
b) an auth-constraint section which specifies a sequence of roles.
In login-config you have to specify the authentication method.
In security-roles you have to list the different roles used in the 
auth-constraint sections.
Best regards,
Gunther

Helena Edelson wrote:

> That should work,
> are you saying to handle auth in server.xml and parts in web.xml?
>
> thank you.
> helena
>
> Gunther Sablon wrote:
>
>> Hi,
>> we are running forrest as a webapp in Tomcat.
>> We use the authentication mechanisms of Tomcat:
>> - before we had users  in tomcat_users.xml; currently they are in 
>> LDAP (can be setup in server.xml)
>> - web.xml specifies the parts of the site that need authentication.
>> There is no connection to the sitemap, so maybe I have misunderstood 
>> your question...
>> Best regards,
>> Gunther
>>
>> Helena Edelson wrote:
>>
>>> thanks. will do.
>>> i am also working on i18n stuff. when i figure it out,
>>> i was thinking it might be help ful to write a how to.
>>> everything so far seems
>>> fractured in terms of the steps to take to implement.
>>> there are many if then's and info is everywhere, from
>>> docs to jira to cocoon docs..
>>>
>>> helena
>>>
>>> Ross Gardler wrote:
>>>
>>>> Helena Edelson wrote:
>>>>
>>>>> Is there any way using sitemap  to manage user roles
>>>>> via a  login to control roles
>>>>> access to app pages for user_role_a
>>>>> disallow access for user_role_b type of thing?
>>>>
>>>>
>>>>
>>>> Depends on whether you are running in dynamic mode or not.
>>>>
>>>> In static mode you would have to use the mechanisms provided by 
>>>> your web server for protecting access to certain resources. On the 
>>>> Apache HTTPD server that would be using .htaccess files.
>>>>
>>>> In this case you simply provide the relevant .htaccess files in 
>>>> along with your XDocs and they will (theoretically) be copied over 
>>>> when you build the site. I say theoretically because I have not, 
>>>> personally, tried this. Let us know if you try it and it works 
>>>> (preferably in the form of a contribution to our docs).
>>>>
>>>> If you are running in dynamic mode you can, theoretically, use the 
>>>> Cocoon Authentication framework [1]. Again, I say theoretically 
>>>> because it I'm not aware of anyone having done this yet. If you 
>>>> want to go this route then it is really a dev topic, so please move 
>>>> this to the dev list where we can help guide you and (hopefully) 
>>>> you can write us a How-To on making it work.
>>>>
>>>> Ross
>>>>
>>>> [1] 
>>>> http://cocoon.apache.org/2.1/developing/webapps/authentication.html
>>>>
>>>>
>>

-- 
Gunther Sablon 
Luciad ** Parijsstraat 74 ** 3000 Leuven
tel:    +32 / 16 / 26 28 30
mailto:Gunther.Sablon@luciad.com


Mime
View raw message