On 24 Jan 2010, at 23:58, Eric Norman wrote: > Hi Ian, > > Actually since the proposed bundles are now integrated with the > org.apache.sling.commons.auth changes, they no longer needed to have their > own Login/Logout servlets. They simply use the Login/Logout servlets from > the commons.auth bundle which are bound to the following paths: > > LoginServlet: /system/sling/login > LogoutServlet: /system/sling/logout > > > Does that work for you?
Yes, perfect, thank you. Ian > > Regards, > -Eric > > On Sun, Jan 24, 2010 at 10:33 AM, Ian Boston <[email protected]> wrote: > >> Would it be possible to put this all under /system/session/... or /_session >> ? >> >> /session is used for content at times, we have tried to put non user >> generated urls at /system/... or /_.... to avoid conflicts. >> >> Ian >> >> Sent from my iPhone >> >> >> On 24 Jan 2010, at 17:18, "Eric Norman (JIRA)" <[email protected]> wrote: >> >> >>> [ >>> https://issues.apache.org/jira/browse/SLING-1116?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel >>> ] >>> >>> Eric Norman updated SLING-1116: >>> ------------------------------- >>> >>> Attachment: (was: org.apache.sling.cookieauth.zip) >>> >>> FORM Based Authentication >>>> ------------------------- >>>> >>>> Key: SLING-1116 >>>> URL: https://issues.apache.org/jira/browse/SLING-1116 >>>> Project: Sling >>>> Issue Type: New Feature >>>> Components: Extensions >>>> Reporter: Eric Norman >>>> Attachments: org.apache.sling.cookieauth.zip, >>>> org.apache.sling.sessionauth.zip >>>> >>>> >>>> This is a new bundle that provides an implementation of forms based >>>> authentication for sling. >>>> There are two servlets: >>>> 1. LoginServlet - bound to /session/login >>>> 2. LogoutServlet - bound to /session/logout >>>> The FormAuthenticationHandler will use http basic auth credentials if >>>> they are on the request. If there is no basic auth header, it will use >>>> attempt to use cached credentials stored on the server side by the >>>> LoginServlet. >>>> The login form html is generated by a set of scripts >>>> 1. login.html.esp - full login page (includes login_body.html.esp for >>>> the form markup) >>>> 2. login_body.html.esp - just the login form, which may be useful for >>>> drawing the login form for an ajax context >>>> 3. loginError.html.esp - full login-error page >>>> 4. loginError_body.html.esp - just the login-error form, for login error >>>> in ajax context >>>> The above scripts are included as bundle-resources @ >>>> /libs/sling/servlet/default >>>> The bundle also has a couple of test scripts to show some examples of >>>> usage: >>>> 1. loginTest.html.esp - shows who is logged in and links to login or >>>> logout >>>> 2. loginTest2.html.esp - shows how a script can check permissions and >>>> show a login page if the anonymous user doesn't have permission to see the >>>> page, >>>> Some examples of usage are: >>>> 1. http://host:port/path/to/node.login.html - show the login page and >>>> then goto http://host:port/path/to/node after authenticated >>>> 2. http://host:port/path/to/node.login.html?s=.edit.html - show the >>>> login page and then goto http://host:port/path/to/node.edit.html after >>>> authenticated >>>> 3. http://host:port/session/logout - invalidate the session and switch >>>> back to anonymous user >>>> >>> >>> -- >>> This message is automatically generated by JIRA. >>> - >>> You can reply to this email to add a comment to the issue online. >>> >>>
