From: Steve Krulewitz > [I posted this earlier on the user list, but it might be more > appropriate here given the new-ness of the flow stuff] > > Hey folks -- > > Total newbie here. I've been spending the last week getting > up to speed on Cocoon, especially the new flow stuff and how > it impacts the action-based authentication framework. If > flow essentially deprecates actions in general, what is the > proper way to access the authentication framework from flow? > The petstore sample seems to use its own user database, which > would lead me to believe that the current authentication > framework is not intended to be used with flow?
AFAIK, there hasn't been done any work yet. Personally I haven't used the authentication framework. What I know the authentication framework can protect your pipelines. IMHO this doesn't make sense for flow applications because you work with sendPage(AndWait) and this allows you to send internal-only pipelines and your controller should know if a user is allowed to receive a page or not. But maybe I'm completly wrong here ... > More specifically, I'm not really looking to restrict access > to particular pages and pipelines, rather I want the user's > authentication status and > role(s) to affect the page generation. Sorry, can't help you with that. Cheers, Reinhard
