Drasko Kokic wrote:
>
> Berin,
>
> have a look at the Servlet API 2.2 spec (at JavaSoft
> site). I am using Tomcat implementation (based on the
> RequestIntercepter framework).
> It is not related to the Cocoon as it is protecting a
> particular context/URI.
> IMHO this is very clean way to separate this
> functionality from the rest of the application logic.
> The included examples implement simple File (or JDBC)
> Realm (official name for such thing :-)
Ah, I see. This is the non-portable realm thing.
Every servlet vendor integrates their realms differently.
Also, I need my users to authenticate against my database,
and have that solution portable accross systems.
>
> HTH
> Drasko
>
> --- Berin Loritsch <[EMAIL PROTECTED]> wrote:
> > Drasko Kokic wrote:
> > >
> > > Uli,
> > >
> > > have you thought about redesigning the SOAP taglib
> > > (logicsheet?) so that it is portable to C2?
> > > I would need to have it running fairly soon and am
> > > ready to put in some eforts :-)
> > > With regards to the auth taglib, I would still
> > suggest
> > > that you look into the RequestIntercepter
> > > implementation of the "Context Based Security"
> > spec.
> > > It is 100% portable (between C1 and C2 of course
> > :-)
> >
> > I believe the CVS for Cocoon 2.1 has SOAP support
> > using
> > the Axis jar. You may want to verify.... It was
> > included
> > in Cocoon 2.1 due to its newness and it not being
> > tested
> > yet.
> >
> > As to the "Context Based Security" spec, do you have
> > a URL? I am interested in looking at it.
> >
> > >
> > > Drasko
> > >
> > > --- Uli Mayring <[EMAIL PROTECTED]> wrote:
> > > > On Wed, 11 Jul 2001, Berin Loritsch wrote:
> > > >
> > > > > I think you may already be used to not
> > > > > getting the output stream in Cocoon 1.
> > > >
> > > > In Cocoon1 it is actually possible to get the
> > > > OutputStream, I'm using that
> > > > in my soap taglib. My auth taglib makes heavy
> > use of
> > > > redirects (such as
> > > > redirecting you to the login page, if you try to
> > > > access a protected page
> > > > and have not authenticated). So these two
> > taglibs,
> > > > which I use a lot in my
> > > > Cocoon1 apps, are not portable to Cocoon2.
> > > >
> > > > Back when XSP taglibs first appeared, it was
> > said
> > > > that their advantage is
> > > > that implementations can change, the interface
> > > > remains the same. Of course
> > > > now that XSP itself works differently, this
> > > > advantage is gone.
> > > >
> > > > It's always a trade-off between backwards
> > > > compatibility and new features.
> > > > I'm sorry to hear that the XSP model was not
> > deemed
> > > > fit to last across
> > > > different versions of Cocoon - I wonder if it
> > will
> > > > change again for
> > > > Cocoon3. Perhaps the answer lies elsewhere:
> > > > implement XSP as an Avalon
> > > > block, add some parts of Tomcat, Xerces and
> > Xalan as
> > > > blocks and I won't
> > > > need Cocoon anymore to build web applications.
> > > > That's the beauty of
> > > > OpenSource, that these things are possible.
> > > >
> > > > > The objects you seek are all in the Map
> > > > objectModel passed in to your pages.
> > > > > for XSP, the Request, Context, and Response
> > > > objects are stored as class
> > > > > variables. Through them, you can get your
> > Session
> > > > and Cookie objects as usual.
> > > > > other than sendRedirect and getting a
> > reference to
> > > > the output stream, nothing
> > > > > should be hidden from you.
> > > >
> > > > Ok, thanks for the info,
> > > >
> > > > Ulrich
> > > >
> > > > --
> > > > Ulrich Mayring
> > > > DENIC eG, Softwareentwicklung
>
> > ATTACHMENT part 2 application/x-pkcs7-signature
> name=smime.p7s
>
> __________________________________________________
> Do You Yahoo!?
> Get personalized email addresses from Yahoo! Mail
> http://personal.mail.yahoo.com/
>
> ---------------------------------------------------------------------
> Please check that your question has not already been answered in the
> FAQ before posting. <http://xml.apache.org/cocoon/faqs.html>
>
> To unsubscribe, e-mail: <[EMAIL PROTECTED]>
> For additional commands, e-mail: <[EMAIL PROTECTED]>
S/MIME Cryptographic Signature
