Re: [Auth-framwork] - How to manage multiple documents.
Hello Antonio, you have somewhere a database, ldap directory or (for tests) an xml file storing ID, password, permissions for each user, and then the authentication simply happens the way you prefer, with an action etc. All the pages are protected by the same handler. Have a nice day, Babs - Original Message - From: Antonio Gallardo Rivera [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, September 05, 2002 8:26 AM Subject: [Auth-framwork] - How to manage multiple documents. Hi buddies! I read about the auth-document in http://xml.apache.org/cocoon/developing/webapps/authentication.html Its a very nice authentication framework! I have just one question after read that: Given 4 pages to authenticate: a) create-category b) edit-category c) create-product d) edit-product. and 5 users: userA, userB, userC, userD, userE and this permission rules: UserA can acces only pages a,b,c,d UserB can acces only pages a,b UserC can access only pages: c,d UserD can access only pages: a,c UserE can access only pages: b,d How is the best approach to do that with Cocoon? Of course we dont want that the user need to write his user ID and password to access every page. What we can do? Regards, Antonio Gallardo - Please check that your question has not already been answered in the FAQ before posting. http://xml.apache.org/cocoon/faq/index.html To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - Please check that your question has not already been answered in the FAQ before posting. http://xml.apache.org/cocoon/faq/index.html To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [Auth-framwork] - How to manage multiple documents.
Hi Antonio, an interesting scenario - are you serious? :-) The authentication framework allows you to pass additional data back from the authentication pipeline. One solution would be to use the same handler for all the different pipelines but to pass back additional values that contain the a,b,c,d etc. So you could store these in your database and then return them when the user is autenticated. In the actual pipeline you would then need a new action that checks the returned a,b,c,d and makes sure the user can access the pipeline. . ok, Carsten just came up with the following: Pass back the additional data as described above. In your pipeline the authentication action makes the data available as parameters in the pipeline. You can then use the parameterSelector to switch on the values. That way you would not need to write a new action. There you go. Have fun. Matthew Given 4 pages to authenticate: a) create-category b) edit-category c) create-product d) edit-product. and 5 users: userA, userB, userC, userD, userE and this permission rules: UserA can acces only pages a,b,c,d UserB can acces only pages a,b UserC can access only pages: c,d UserD can access only pages: a,c UserE can access only pages: b,d How is the best approach to do that with Cocoon? Of course we dont want that the user need to write his user ID and password to access every page. What we can do? Regards, Antonio Gallardo - Please check that your question has not already been answered in the FAQ before posting. http://xml.apache.org/cocoon/faq/index.html To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - Please check that your question has not already been answered in the FAQ before posting. http://xml.apache.org/cocoon/faq/index.html To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [Auth-framwork] - How to manage multiple documents.
Hi Barbara I see you posting always! ;) Thanks, So Do you mean the best approach is to put the permission to every file into the data element of the auth-protect action? Then check this permission into each page? The auth-session data will return something like: authentication IDuserA/ID data create-categorytrue/create-category edit-categorytrue/edit-category create-productfalse/create-product edit-productfalse/edit-product /authentication Then in the beginning of each page, checks for: create-category session:getxml context=authentication path=authentication/data/create-category It will return true or false. In this way I can have only 1 handler. Is this the best approach? Antonio Gallardo El Jueves, 05 de Septiembre de 2002 00:42, Barbara Post escribió: Hello Antonio, you have somewhere a database, ldap directory or (for tests) an xml file storing ID, password, permissions for each user, and then the authentication simply happens the way you prefer, with an action etc. All the pages are protected by the same handler. Have a nice day, Babs - Original Message - From: Antonio Gallardo Rivera [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, September 05, 2002 8:26 AM Subject: [Auth-framwork] - How to manage multiple documents. Hi buddies! I read about the auth-document in http://xml.apache.org/cocoon/developing/webapps/authentication.html Its a very nice authentication framework! I have just one question after read that: Given 4 pages to authenticate: a) create-category b) edit-category c) create-product d) edit-product. and 5 users: userA, userB, userC, userD, userE and this permission rules: UserA can acces only pages a,b,c,d UserB can acces only pages a,b UserC can access only pages: c,d UserD can access only pages: a,c UserE can access only pages: b,d How is the best approach to do that with Cocoon? Of course we dont want that the user need to write his user ID and password to access every page. What we can do? Regards, Antonio Gallardo - Please check that your question has not already been answered in the FAQ before posting. http://xml.apache.org/cocoon/faq/index.html To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - Please check that your question has not already been answered in the FAQ before posting. http://xml.apache.org/cocoon/faq/index.html To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - Please check that your question has not already been answered in the FAQ before posting. http://xml.apache.org/cocoon/faq/index.html To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [Auth-framwork] - How to manage multiple documents.
Antonio, this is my approach since I have many pages/rights to check... and it seems that it's secure and (maybe too ?) simple to write... But maybe your further processing will work better with another approach. In my case xsl checks the right (indeed from session:getxml) and then displays one thing or another. Interesting thread anyway :-) Barbara - Original Message - From: Antonio Gallardo Rivera [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, September 05, 2002 9:08 AM Subject: Re: [Auth-framwork] - How to manage multiple documents. Hi Barbara I see you posting always! ;) Thanks, So Do you mean the best approach is to put the permission to every file into the data element of the auth-protect action? Then check this permission into each page? The auth-session data will return something like: authentication IDuserA/ID data create-categorytrue/create-category edit-categorytrue/edit-category create-productfalse/create-product edit-productfalse/edit-product /authentication Then in the beginning of each page, checks for: create-category session:getxml context=authentication path=authentication/data/create-category It will return true or false. In this way I can have only 1 handler. Is this the best approach? Antonio Gallardo El Jueves, 05 de Septiembre de 2002 00:42, Barbara Post escribió: Hello Antonio, you have somewhere a database, ldap directory or (for tests) an xml file storing ID, password, permissions for each user, and then the authentication simply happens the way you prefer, with an action etc. All the pages are protected by the same handler. Have a nice day, Babs - Original Message - From: Antonio Gallardo Rivera [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, September 05, 2002 8:26 AM Subject: [Auth-framwork] - How to manage multiple documents. Hi buddies! I read about the auth-document in http://xml.apache.org/cocoon/developing/webapps/authentication.html Its a very nice authentication framework! I have just one question after read that: Given 4 pages to authenticate: a) create-category b) edit-category c) create-product d) edit-product. and 5 users: userA, userB, userC, userD, userE and this permission rules: UserA can acces only pages a,b,c,d UserB can acces only pages a,b UserC can access only pages: c,d UserD can access only pages: a,c UserE can access only pages: b,d How is the best approach to do that with Cocoon? Of course we dont want that the user need to write his user ID and password to access every page. What we can do? Regards, Antonio Gallardo - Please check that your question has not already been answered in the FAQ before posting. http://xml.apache.org/cocoon/faq/index.html To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - Please check that your question has not already been answered in the FAQ before posting. http://xml.apache.org/cocoon/faq/index.html To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - Please check that your question has not already been answered in the FAQ before posting. http://xml.apache.org/cocoon/faq/index.html To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - Please check that your question has not already been answered in the FAQ before posting. http://xml.apache.org/cocoon/faq/index.html To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [Auth-framwork] - How to manage multiple documents.
I've done mine as Carsten proposed, by using the parameters returned by the AuthAction in the pipeline. Works great for protecting multiple pages! But if you want to show different things for different users, you will have to use the SessionTransformer. It can be done inside a xsp-page too, but at the moment there is a serious bug with the cocoon: protocol, which prevents one to run the xsp-page through the SessionTransformer before used as a source for the ServerPagesGenerator. Hope this gets fixed soon! -Tuomo On Thu, 5 Sep 2002, Antonio Gallardo Rivera wrote: Hi Barbara I see you posting always! ;) Thanks, So Do you mean the best approach is to put the permission to every file into the data element of the auth-protect action? Then check this permission into each page? The auth-session data will return something like: authentication IDuserA/ID data create-categorytrue/create-category edit-categorytrue/edit-category create-productfalse/create-product edit-productfalse/edit-product /authentication Then in the beginning of each page, checks for: create-category session:getxml context=authentication path=authentication/data/create-category It will return true or false. In this way I can have only 1 handler. Is this the best approach? Antonio Gallardo El Jueves, 05 de Septiembre de 2002 00:42, Barbara Post escribió: Hello Antonio, you have somewhere a database, ldap directory or (for tests) an xml file storing ID, password, permissions for each user, and then the authentication simply happens the way you prefer, with an action etc. All the pages are protected by the same handler. Have a nice day, Babs - Original Message - From: Antonio Gallardo Rivera [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, September 05, 2002 8:26 AM Subject: [Auth-framwork] - How to manage multiple documents. Hi buddies! I read about the auth-document in http://xml.apache.org/cocoon/developing/webapps/authentication.html Its a very nice authentication framework! I have just one question after read that: Given 4 pages to authenticate: a) create-category b) edit-category c) create-product d) edit-product. and 5 users: userA, userB, userC, userD, userE and this permission rules: UserA can acces only pages a,b,c,d UserB can acces only pages a,b UserC can access only pages: c,d UserD can access only pages: a,c UserE can access only pages: b,d How is the best approach to do that with Cocoon? Of course we dont want that the user need to write his user ID and password to access every page. What we can do? Regards, Antonio Gallardo - Please check that your question has not already been answered in the FAQ before posting. http://xml.apache.org/cocoon/faq/index.html To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - Please check that your question has not already been answered in the FAQ before posting. http://xml.apache.org/cocoon/faq/index.html To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - Please check that your question has not already been answered in the FAQ before posting. http://xml.apache.org/cocoon/faq/index.html To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - Please check that your question has not already been answered in the FAQ before posting. http://xml.apache.org/cocoon/faq/index.html To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]