You can add the principal to the context, if you add it in the authentication resource, like currently in the demo the name of the user is added. You can include any transformer, generator etc. you want and add the required info.
Carsten > -----Original Message----- > From: Ivelin Ivanov [mailto:[EMAIL PROTECTED]] > Sent: Friday, August 09, 2002 2:46 PM > To: [EMAIL PROTECTED] > Subject: Re: SunRise with container managed security... > > > > I think a more important feature is to be able to populate the > J2EE security > realm with a Principal name and roles, once authenticated through sunrise. > Since sunrise is doing a good job at protecting the URLs, I am not so > concerned about the url constraints in web.xml. > However I would like to have the principal available in the context when > obtaining J2ee resources: Transactions, Datasources, EJBs, JMS, etc. > > > > > ----- Original Message ----- > From: "Carsten Ziegeler" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Friday, August 09, 2002 12:52 AM > Subject: RE: SunRise with container managed security... > > > > Per Kreipke wrote: > > > > > > > I think, two users have reported this on the user list some months > ago. > > > > > > > > Carsten > > > > > > Sorry, meaning what? Someone else mentioned it or did the work to > > > integrate > > > the two? I can't find anything about it on the MARC archive. > > > > > Sorry, I had little time yesterday..so I only wrote short mails... > > Yes, someone mentioned it and integrated it. I don't know how he did it. > > > > Basically, this approach should work: > > The container managed security is outside of Cocoon, so if a protected > > document is called and the request enters Cocoon, the user must be > > authenticatd. > > Otherwise the contained would have denied the access. > > > > Now, you can write an automatically log-in handler for Cocoon. > > For the protected document, test if the usre is already logged-in via > > the handler. If so, serve the document. > > If the user is not logged-in via the handler (but then he is already > > authorized by the container) you can invoke the login-action and write > > an authentication pipeline for the handler which does nothing more > > than getting the user, roles, principles from the container and > > returning them to the handler. > > That's it. > > > > I must confess, that you have to write a simple authentication pipeline > > for it - I think spending 4 hours on it would be enough and you > > have the container integration. > > > > HTH > > Carsten > > > > > I was thinking that one way to do so would be to satisfy the login > request > > > with an XSP page that enumerates the <authentication> block with > > > the values > > > of getRemoteUser(), the roles, etc. > > > > > > Per > > > > > > > > -----Original Message----- > > > > > From: Per Kreipke [mailto:[EMAIL PROTECTED]] > > > > > Sent: Wednesday, August 07, 2002 9:24 PM > > > > > To: [EMAIL PROTECTED] > > > > > Subject: SunRise with container managed security... > > > > > > > > > > > > > > > I've had the demo code working and gotten the SunRise > > > > > authentication to work > > > > > off static files and am about to try it off a DB. > > > > > > > > > > However, what I'm really interested in, since Cocoon isn't the > > > > > only servlet > > > > > running, is integrating the SunRise components with the Tomcat > > > > Realm based > > > > > security. Has that been done before? > > > > > > > > > > Per > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > > > Please check that your question has not already been answered in > the > > > > > FAQ before posting. > <http://xml.apache.org/cocoon/faq/index.html> > > > > > > > > > > To unsubscribe, e-mail: > <[EMAIL PROTECTED]> > > > > > For additional commands, e-mail: > <[EMAIL PROTECTED]> > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > > Please check that your question has not already been > answered in the > > > > FAQ before posting. <http://xml.apache.org/cocoon/faq/index.html> > > > > > > To unsubscribe, e-mail: <[EMAIL PROTECTED]> > > > For additional commands, e-mail: <[EMAIL PROTECTED]> > > > > > > > > > > > > --------------------------------------------------------------------- > > Please check that your question has not already been answered in the > > FAQ before posting. <http://xml.apache.org/cocoon/faq/index.html> > > > > To unsubscribe, e-mail: <[EMAIL PROTECTED]> > > For additional commands, e-mail: <[EMAIL PROTECTED]> > > > > > --------------------------------------------------------------------- > Please check that your question has not already been answered in the > FAQ before posting. <http://xml.apache.org/cocoon/faq/index.html> > > To unsubscribe, e-mail: <[EMAIL PROTECTED]> > For additional commands, e-mail: <[EMAIL PROTECTED]> > --------------------------------------------------------------------- Please check that your question has not already been answered in the FAQ before posting. <http://xml.apache.org/cocoon/faq/index.html> To unsubscribe, e-mail: <[EMAIL PROTECTED]> For additional commands, e-mail: <[EMAIL PROTECTED]> --------------------------------------------------------------------- Please check that your question has not already been answered in the FAQ before posting. <http://xml.apache.org/cocoon/faq/index.html> To unsubscribe, e-mail: <[EMAIL PROTECTED]> For additional commands, e-mail: <[EMAIL PROTECTED]>
