Return-Path: 
 <user-return-3017-apmail-forrest-user-archive=forrest.apache.org@forrest.apache.org>
Delivered-To: apmail-forrest-user-archive@www.apache.org
Received: (qmail 36961 invoked from network); 20 Dec 2005 20:16:23 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199)
  by minotaur.apache.org with SMTP; 20 Dec 2005 20:16:23 -0000
Received: (qmail 25420 invoked by uid 500); 20 Dec 2005 20:16:22 -0000
Delivered-To: apmail-forrest-user-archive@forrest.apache.org
Received: (qmail 25384 invoked by uid 500); 20 Dec 2005 20:16:22 -0000
Mailing-List: contact user-help@forrest.apache.org; run by ezmlm
Precedence: bulk
list-help: <mailto:user-help@forrest.apache.org>
list-unsubscribe: <mailto:user-unsubscribe@forrest.apache.org>
List-Post: <mailto:user@forrest.apache.org>
Reply-To: user@forrest.apache.org
List-Id: <user.forrest.apache.org>
Delivered-To: mailing list user@forrest.apache.org
Received: (qmail 25370 invoked by uid 99); 20 Dec 2005 20:16:21 -0000
Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 20 Dec 2005 12:16:21 -0800
X-ASF-Spam-Status: No, hits=0.0 required=10.0
	tests=HTML_MESSAGE
X-Spam-Check-By: apache.org
Received-SPF: neutral (asf.osuosl.org: local policy)
Received: from [207.172.4.61] (HELO smtp01.mrf.mail.rcn.net) (207.172.4.61)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 20 Dec 2005 12:16:20 -0800
Received: from 207-237-220-39.c3-0.80w-ubr16.nyr-80w.ny.cable.rcn.com (HELO
 [192.168.0.7]) ([207.237.220.39])
  by smtp01.mrf.mail.rcn.net with ESMTP; 20 Dec 2005 15:15:59 -0500
X-IronPort-AV: i="3.99,274,1131339600";
   d="scan'208,217"; a="144477130:sNHT40519236"
Message-ID: <43A8667C.50601@greenjaguar.com>
Date: Tue, 20 Dec 2005 15:15:56 -0500
From: Helena Edelson <helena@greenjaguar.com>
Organization: GreenJaguar
User-Agent: Mozilla Thunderbird 1.0.6 (Windows/20050716)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: user@forrest.apache.org
Subject: Re: access control - user roles by sitemap
References: <43A846B5.6080908@greenjaguar.com> <43A84D25.4070906@apache.org>
 <43A84EF6.90006@greenjaguar.com> <43A85501.5060704@luciad.com>
In-Reply-To: <43A85501.5060704@luciad.com>
Content-Type: multipart/alternative;
 boundary="------------010702050405080901070909"
X-Virus-Checked: Checked by ClamAV on apache.org
X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N

This is a multi-part message in MIME format.
--------------010702050405080901070909
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

That should work,
are you saying to handle auth in server.xml and parts in web.xml?

thank you.
helena

Gunther Sablon wrote:

> Hi,
> we are running forrest as a webapp in Tomcat.
> We use the authentication mechanisms of Tomcat:
> - before we had users  in tomcat_users.xml; currently they are in LDAP 
> (can be setup in server.xml)
> - web.xml specifies the parts of the site that need authentication.
> There is no connection to the sitemap, so maybe I have misunderstood 
> your question...
> Best regards,
> Gunther
>
> Helena Edelson wrote:
>
>> thanks. will do.
>> i am also working on i18n stuff. when i figure it out,
>> i was thinking it might be help ful to write a how to.
>> everything so far seems
>> fractured in terms of the steps to take to implement.
>> there are many if then's and info is everywhere, from
>> docs to jira to cocoon docs..
>>
>> helena
>>
>> Ross Gardler wrote:
>>
>>> Helena Edelson wrote:
>>>
>>>> Is there any way using sitemap  to manage user roles
>>>> via a  login to control roles
>>>> access to app pages for user_role_a
>>>> disallow access for user_role_b type of thing?
>>>
>>>
>>>
>>> Depends on whether you are running in dynamic mode or not.
>>>
>>> In static mode you would have to use the mechanisms provided by your 
>>> web server for protecting access to certain resources. On the Apache 
>>> HTTPD server that would be using .htaccess files.
>>>
>>> In this case you simply provide the relevant .htaccess files in 
>>> along with your XDocs and they will (theoretically) be copied over 
>>> when you build the site. I say theoretically because I have not, 
>>> personally, tried this. Let us know if you try it and it works 
>>> (preferably in the form of a contribution to our docs).
>>>
>>> If you are running in dynamic mode you can, theoretically, use the 
>>> Cocoon Authentication framework [1]. Again, I say theoretically 
>>> because it I'm not aware of anyone having done this yet. If you want 
>>> to go this route then it is really a dev topic, so please move this 
>>> to the dev list where we can help guide you and (hopefully) you can 
>>> write us a How-To on making it work.
>>>
>>> Ross
>>>
>>> [1] http://cocoon.apache.org/2.1/developing/webapps/authentication.html
>>>
>>>
>

--------------010702050405080901070909
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
  <meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
  <title></title>
</head>
<body bgcolor="#ffffff" text="#000000">
<font size="-1"><font face="Verdana">That should work,<br>
are you saying to handle auth in server.xml and parts in web.xml?<br>
<br>
thank you.<br>
</font></font>helena<br>
<br>
Gunther Sablon wrote:
<blockquote cite="mid43A85501.5060704@luciad.com" type="cite">Hi,
  <br>
we are running forrest as a webapp in Tomcat.
  <br>
We use the authentication mechanisms of Tomcat:
  <br>
- before we had users&nbsp; in tomcat_users.xml; currently they are in LDAP
(can be setup in server.xml)
  <br>
- web.xml specifies the parts of the site that need authentication.
  <br>
There is no connection to the sitemap, so maybe I have misunderstood
your question...
  <br>
Best regards,
  <br>
Gunther
  <br>
  <br>
Helena Edelson wrote:
  <br>
  <br>
  <blockquote type="cite">thanks. will do.
    <br>
i am also working on i18n stuff. when i figure it out,
    <br>
i was thinking it might be help ful to write a how to.
    <br>
everything so far seems
    <br>
fractured in terms of the steps to take to implement.
    <br>
there are many if then's and info is everywhere, from
    <br>
docs to jira to cocoon docs..
    <br>
    <br>
helena
    <br>
    <br>
Ross Gardler wrote:
    <br>
    <br>
    <blockquote type="cite">Helena Edelson wrote:
      <br>
      <br>
      <blockquote type="cite">Is there any way using sitemap&nbsp; to manage
user roles
        <br>
via a&nbsp; login to control roles
        <br>
access to app pages for user_role_a
        <br>
disallow access for user_role_b type of thing?
        <br>
      </blockquote>
      <br>
      <br>
Depends on whether you are running in dynamic mode or not.
      <br>
      <br>
In static mode you would have to use the mechanisms provided by your
web server for protecting access to certain resources. On the Apache
HTTPD server that would be using .htaccess files.
      <br>
      <br>
In this case you simply provide the relevant .htaccess files in along
with your XDocs and they will (theoretically) be copied over when you
build the site. I say theoretically because I have not, personally,
tried this. Let us know if you try it and it works (preferably in the
form of a contribution to our docs).
      <br>
      <br>
If you are running in dynamic mode you can, theoretically, use the
Cocoon Authentication framework [1]. Again, I say theoretically because
it I'm not aware of anyone having done this yet. If you want to go this
route then it is really a dev topic, so please move this to the dev
list where we can help guide you and (hopefully) you can write us a
How-To on making it work.
      <br>
      <br>
Ross
      <br>
      <br>
[1] <a class="moz-txt-link-freetext" href="http://cocoon.apache.org/2.1/developing/webapps/authentication.html">http://cocoon.apache.org/2.1/developing/webapps/authentication.html</a>
      <br>
      <br>
      <br>
    </blockquote>
  </blockquote>
  <br>
</blockquote>
</body>
</html>

--------------010702050405080901070909--