Re: map:redirect-to...
I did try upgrading but I couldn't install Firefox 0.9 because of some library dependency that I couldn't resolve. I figure I'd like to upgrade my OS soon though, so I figured I'd wait until then to try again. From: John L. Webber [EMAIL PROTECTED] Have you tried Firefox 0.9? (It's no longer called Firebird) John Sonny Sukumar wrote: Alright, I finally isolated the problem: it's Mozilla Firebird 0.7! It has a bizarre problem where it sends 2 requests when I only click once. And somehow this only occurs when I use internal redirects within Cocoon. Go figure. I verified that it works correctly in both KDE Konqueror on RedHat Linux 7.3 and IE6 on Windows XP. Yeah, so I have no idea how to fix the Mozilla problem without an upgrade of the browser itself. Oh well. sigh Thanks again for your help, - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Is your PC infected? Get a FREE online computer virus scan from McAfee® Security. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Mozilla request parameters (was: Re: map:redirect-to...)
Me too! I had the double request problem with image buttons especially, so I guess I just gotta hope that few of our users wil be using Mozilla 0.7. Btw, have you tried 0.9 yourself? Does it still have these bugs? From: John L. Webber [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Mozilla request parameters (was: Re: map:redirect-to...) Date: Wed, 04 Aug 2004 09:03:38 +0200 Sonny, We've had problems with image buttons and request parameters; for example if the button has the name saveme, Mozilla sends request parameters saveme, saveme.x and saveme.y, while Konqueror and IE only send saveme.x and saveme.y. Since we use almost exclusively Mozilla internally, this bit us severely. John Sonny Sukumar wrote: Alright, I finally isolated the problem: it's Mozilla Firebird 0.7! It has a bizarre problem where it sends 2 requests when I only click once. And somehow this only occurs when I use internal redirects within Cocoon. Go figure. I verified that it works correctly in both KDE Konqueror on RedHat Linux 7.3 and IE6 on Windows XP. Yeah, so I have no idea how to fix the Mozilla problem without an upgrade of the browser itself. Oh well. sigh Thanks again for your help, Sonny - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Get ready for school! Find articles, homework help and more in the Back to School Guide! http://special.msn.com/network/04backtoschool.armx - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: map:redirect-to...
Alright, I finally isolated the problem: it's Mozilla Firebird 0.7! It has a bizarre problem where it sends 2 requests when I only click once. And somehow this only occurs when I use internal redirects within Cocoon. Go figure. I verified that it works correctly in both KDE Konqueror on RedHat Linux 7.3 and IE6 on Windows XP. Yeah, so I have no idea how to fix the Mozilla problem without an upgrade of the browser itself. Oh well. sigh Thanks again for your help, Sonny From: John L. Webber [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: map:redirect-to... Date: Thu, 29 Jul 2004 09:18:43 +0200 Hi Sonny, The only other thing I can suggest trying is to reproduce the bug with an alternate matcher, using different redirect resources and a different action. If the bug doesn't happen then, try swapping in your actual resources one at a time, and then your action. Something like: map:match pattern=secure/reallySimpleTest map:act type=always-succeeds map:redirect-to uri=cocoon:/pageExists1/ /map:act map:redirect-to uri=cocoon:/pageExists2/ /map:match If that works as expected (i.e. no bug), try replacing the first redirect with your actual redirect. Of course, you'll have to create the new resources first! Good luck, John Sonny Sukumar wrote: Hey John, I took your advice and spent some time culling through sitemap.log and discovered that BOTH redirects are taking place when I use internal redirects...it's just that the test failed redirect happens second, so I always see that result page (even though the action's operations in modifying the database, etc. are performed successfully). Why this happens is still a mystery to me, but here's the sitemap log info showing this: INFO(2004-07-28) 10:47.42:387 [sitemap] (/secure/doTest) http8443-Processor2/RedirectToURINode: Redirecting to 'cocoon:/showTestSucceededPage' at file:/usr/local/tomcat/webapps/cocoon/sitemap.xmap:1750:62 INFO(2004-07-28) 10:47.42:388 [sitemap] (/secure/doTest) http8443-Processor2/ForwardRedirector: Redirecting to 'cocoon:/showTestSucceededPage' INFO(2004-07-28) 10:47.42:711 [sitemap] (/secure/doTest) http8443-Processor2/RedirectToURINode: Redirecting to 'cocoon:/showTestFailedPage' at file:/usr/local/tomcat/webapps/cocoon/sitemap.xmap:1755:68 INFO(2004-07-28) 10:47.42:712 [sitemap] (/secure/doTest) http8443-Processor2/ForwardRedirector: Redirecting to 'cocoon:/showTestFailedPage' So I then tried--just for the heck of it--putting an html serializer right after the first redirect like this: map:match pattern=secure/doTest map:act type=perform-test !-- Test succeeded. -- map:redirect-to uri=cocoon:/showTestSucceededPage/ map:serialize type=html/ /map:act !-- Test failed. -- map:redirect-to uri=cocoon:/showTestFailedPage/ /map:match And of course that didn't work either. :-) Sooo...maybe there's a bug with internal redirects? BTW, I'm using the absolute latest stable version of Cocoon (2.1.5.1) on Tomcat 4.1.30. I upgraded just a few days ago... Sonny - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Dont just search. Find. Check out the new MSN Search! http://search.msn.click-url.com/go/onm00200636ave/direct/01/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: map:redirect-to...
Hey John, Thanks for the advice. I didn't get it to work, but I *did* spend a few hours on it and discovered something interesting. Here's the steps I followed: 1.) I first introduced new internal redirects, commenting out the old ones: map:match pattern=secure/doTest map:act type=perform-test !-- Test succeeded. -- !--map:redirect-to uri=cocoon:/showTestSucceededPage/-- map:redirect-to uri=cocoon:/myTestSucceeded/ /map:act !-- Test failed. -- !--map:redirect-to uri=cocoon:/showTestFailedPage/-- map:redirect-to uri=cocoon:/myTestFailed/ /map:match This actually works on the first request but not after that! (Yes, I'm resetting the state of my db after each request so I can test this Cocoon stuff independently of that state.) BTW, the new redirects go to extremely basic straight HTML pages for which the code is like 3 lines (htmlheadtitle.../title/head bodySome Text/body/html), and these simple pages are fetched with a simple map:read mime-type=html src=.../) 2.) So I comment out the new redirects, uncomment the old redirects, and try 1 more request: map:match pattern=secure/doTest map:act type=perform-test !-- Test succeeded. -- map:redirect-to uri=cocoon:/showTestSucceededPage/ !--map:redirect-to uri=cocoon:/myTestSucceeded/-- /map:act !-- Test failed. -- map:redirect-to uri=cocoon:/showTestFailedPage/ !--map:redirect-to uri=cocoon:/myTestFailed/-- /map:match This request doesn't work (shows test failed instead of test succeeded), though I didn't really expect it to. 3.) So now I go back to how it was in Step 1--and then it works! BUT only the FIRST time! And I can repeat the above behavior over and over, getting it to work but only once. So it seems like it might have something to do with pipeline setup or something...I just don't know. BTW, simply reuploading the sitemap after Step 1 doesn't get it to work either. I actually have to go through the 3 steps exactly as I mentioned. Hopefully this sparks some insight? I sure hope one of us can figure it out...this scenario can happen to anyone! Sincerely, Sonny From: John L. Webber [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: map:redirect-to... Date: Thu, 29 Jul 2004 09:18:43 +0200 Hi Sonny, The only other thing I can suggest trying is to reproduce the bug with an alternate matcher, using different redirect resources and a different action. If the bug doesn't happen then, try swapping in your actual resources one at a time, and then your action. Something like: map:match pattern=secure/reallySimpleTest map:act type=always-succeeds map:redirect-to uri=cocoon:/pageExists1/ /map:act map:redirect-to uri=cocoon:/pageExists2/ /map:match If that works as expected (i.e. no bug), try replacing the first redirect with your actual redirect. Of course, you'll have to create the new resources first! Good luck, John Sonny Sukumar wrote: Hey John, I took your advice and spent some time culling through sitemap.log and discovered that BOTH redirects are taking place when I use internal redirects...it's just that the test failed redirect happens second, so I always see that result page (even though the action's operations in modifying the database, etc. are performed successfully). Why this happens is still a mystery to me, but here's the sitemap log info showing this: INFO(2004-07-28) 10:47.42:387 [sitemap] (/secure/doTest) http8443-Processor2/RedirectToURINode: Redirecting to 'cocoon:/showTestSucceededPage' at file:/usr/local/tomcat/webapps/cocoon/sitemap.xmap:1750:62 INFO(2004-07-28) 10:47.42:388 [sitemap] (/secure/doTest) http8443-Processor2/ForwardRedirector: Redirecting to 'cocoon:/showTestSucceededPage' INFO(2004-07-28) 10:47.42:711 [sitemap] (/secure/doTest) http8443-Processor2/RedirectToURINode: Redirecting to 'cocoon:/showTestFailedPage' at file:/usr/local/tomcat/webapps/cocoon/sitemap.xmap:1755:68 INFO(2004-07-28) 10:47.42:712 [sitemap] (/secure/doTest) http8443-Processor2/ForwardRedirector: Redirecting to 'cocoon:/showTestFailedPage' So I then tried--just for the heck of it--putting an html serializer right after the first redirect like this: map:match pattern=secure/doTest map:act type=perform-test !-- Test succeeded. -- map:redirect-to uri=cocoon:/showTestSucceededPage/ map:serialize type=html/ /map:act !-- Test failed. -- map:redirect-to uri=cocoon:/showTestFailedPage/ /map:match And of course that didn't work either. :-) Sooo...maybe there's a bug with internal redirects? BTW, I'm using the absolute latest stable version of Cocoon (2.1.5.1) on Tomcat 4.1.30. I upgraded just a few days ago... Sonny - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Express yourself instantly with MSN Messenger! Download today
Re: map:redirect-to...
Hey John, I took your advice and spent some time culling through sitemap.log and discovered that BOTH redirects are taking place when I use internal redirects...it's just that the test failed redirect happens second, so I always see that result page (even though the action's operations in modifying the database, etc. are performed successfully). Why this happens is still a mystery to me, but here's the sitemap log info showing this: INFO(2004-07-28) 10:47.42:387 [sitemap] (/secure/doTest) http8443-Processor2/RedirectToURINode: Redirecting to 'cocoon:/showTestSucceededPage' at file:/usr/local/tomcat/webapps/cocoon/sitemap.xmap:1750:62 INFO(2004-07-28) 10:47.42:388 [sitemap] (/secure/doTest) http8443-Processor2/ForwardRedirector: Redirecting to 'cocoon:/showTestSucceededPage' INFO(2004-07-28) 10:47.42:711 [sitemap] (/secure/doTest) http8443-Processor2/RedirectToURINode: Redirecting to 'cocoon:/showTestFailedPage' at file:/usr/local/tomcat/webapps/cocoon/sitemap.xmap:1755:68 INFO(2004-07-28) 10:47.42:712 [sitemap] (/secure/doTest) http8443-Processor2/ForwardRedirector: Redirecting to 'cocoon:/showTestFailedPage' So I then tried--just for the heck of it--putting an html serializer right after the first redirect like this: map:match pattern=secure/doTest map:act type=perform-test !-- Test succeeded. -- map:redirect-to uri=cocoon:/showTestSucceededPage/ map:serialize type=html/ /map:act !-- Test failed. -- map:redirect-to uri=cocoon:/showTestFailedPage/ /map:match And of course that didn't work either. :-) Sooo...maybe there's a bug with internal redirects? BTW, I'm using the absolute latest stable version of Cocoon (2.1.5.1) on Tomcat 4.1.30. I upgraded just a few days ago... Sonny From: John L. Webber [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: map:redirect-to... Date: Wed, 28 Jul 2004 08:56:45 +0200 Hi Sonny, I don't know that the action isn't relevant, since the redirect to showTestFailedPage should only happen if the action failed. Why the action fails using internal redirects and succeeds using HTTP redirects is mysterious. The action could fail by throwing an unexpected exception, or by returning null, or if it's an XSPAction by setting action:set-failure/. There ought to be something in your sitemap.log showing what happened. John Sonny Sukumar wrote: Hey John, The test the action is performing is actually to see whether an email verification string is the same as what's in the backend database. In other words, somebody clicks a link in her email to complete registration by verifying her email address and this action checks the random string in in the link (a request param) against what's in the db. That's all. :-) But again the weird thing is that it works when I use HTTP redirects, so doesn't that make the action moot to discuss? The action code is actually pretty simple and hasn't been changed in a long time, so it *seems* like that wouldn't be the problem. Btw, when you mentioned the action possibly failing, did you mean the test it performs failing or did you mean some type of Exception being thrown from it? map:match pattern=secure/doTest map:act type=perform-test !-- Test succeeded. -- map:redirect-to uri=cocoon:/showTestSucceededPage/ /map:act !-- Test failed. -- map:redirect-to uri=cocoon:/showTestFailedPage/ /map:match -- - Jentro Technologies GmbH John L. Webber, Software Development - Rosenheimer Str. 145e 81671 München Tel. +49 89 189 169 80 mailto:[EMAIL PROTECTED] Fax +49 89 189 169 99 http://www.jentro.com - NOTICE: The information contained in this e-mail is confidential or may otherwise be legally privileged. It is intended for the named recipient only. If you have received it in error, please notify us immediately by reply or by calling the telephone number above and delete this message and all its attachments without any use or further distribution of its contents. Please note that any unauthorised review, copying, disclosing or otherwise making use of the information is strictly prohibited. Thank you. - - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Overwhelmed by debt? Find out how to Dig Yourself Out of Debt from MSN Money. http://special.msn.com/money/0407debt.armx - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: map:redirect-to...
Hey John, The test the action is performing is actually to see whether an email verification string is the same as what's in the backend database. In other words, somebody clicks a link in her email to complete registration by verifying her email address and this action checks the random string in in the link (a request param) against what's in the db. That's all. :-) But again the weird thing is that it works when I use HTTP redirects, so doesn't that make the action moot to discuss? The action code is actually pretty simple and hasn't been changed in a long time, so it *seems* like that wouldn't be the problem. Btw, when you mentioned the action possibly failing, did you mean the test it performs failing or did you mean some type of Exception being thrown from it? Thanks again, Sonny From: John L. Webber [EMAIL PROTECTED] Hi Sonny, Maybe one of the *real* Cocoon gurus is watching this thread and will jump in... Do I understand correctly that when you use the internal redirect, only the test failed page is shown? That must mean the action failed. I assume you must have combed through the log files - was there anything at all interesting there that explained why the action failed? Otherwise I'm pretty much at a loss to explain what's happening here. What does the action perform-test do? John Sonny Sukumar wrote: That's a good insight and a good question John, though actually the redirected URIs are *not* in the secure/ directory. I did also read through the Cocoon docs on redirects but couldn't find the reason for the strange behavior. To quickly summarize again, the behavior is that the *second* redirect (the one after the action) is *always* executed when using internal redirects (i.e. with cocoon:/). BUT this problem disappears when I use HTTP redirects. I just don't wanna use HTTP redirects for this. :-/ I'm having a strange problem with map:redirect-to, where it doesn't seem to work right when I use the cocoon:/ protocol. Here's my example code: map:match pattern=secure/doTest map:act type=perform-test !-- Test succeeded. -- map:redirect-to uri=cocoon:/showTestSucceededPage/ /map:act !-- Test failed. -- map:redirect-to uri=cocoon:/showTestFailedPage/ /map:match Even when the test succeeds I see the showTestFailedPage when using the cocoon:/ protocol, but everything works fine if I take out the cocoon:/ (to use HTTP redirects). I'd really prefer to use internal redirects, so how come it doesn't work? I might well be missing something. -- - Jentro Technologies GmbH John L. Webber, Software Development - Rosenheimer Str. 145e 81671 München Tel. +49 89 189 169 80 mailto:[EMAIL PROTECTED] Fax +49 89 189 169 99 http://www.jentro.com - NOTICE: The information contained in this e-mail is confidential or may otherwise be legally privileged. It is intended for the named recipient only. If you have received it in error, please notify us immediately by reply or by calling the telephone number above and delete this message and all its attachments without any use or further distribution of its contents. Please note that any unauthorised review, copying, disclosing or otherwise making use of the information is strictly prohibited. Thank you. - - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Overwhelmed by debt? Find out how to Dig Yourself Out of Debt from MSN Money. http://special.msn.com/money/0407debt.armx - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: map:redirect-to...
That's a good insight and a good question John, though actually the redirected URIs are *not* in the secure/ directory. I did also read through the Cocoon docs on redirects but couldn't find the reason for the strange behavior. To quickly summarize again, the behavior is that the *second* redirect (the one after the action) is *always* executed when using internal redirects (i.e. with cocoon:/). BUT this problem disappears when I use HTTP redirects. I just don't wanna use HTTP redirects for this. :-/ Thanks again, Sonny From: John L. Webber [EMAIL PROTECTED] Hello Sonny, Are the resources showTestSucceededPage and showTestFailedPage in the secure directory? Then you probably need to use cocoon:/secure/showXXX. See http://cocoon.apache.org/2.1/userdocs/concepts/redirection.html Hope this helps, John Sonny Sukumar wrote: Hey guys, I'm having a strange problem with map:redirect-to, where it doesn't seem to work right when I use the cocoon:/ protocol. Here's my example code: map:match pattern=secure/doTest map:act type=perform-test !-- Test succeeded. -- map:redirect-to uri=cocoon:/showTestSucceededPage/ /map:act !-- Test failed. -- map:redirect-to uri=cocoon:/showTestFailedPage/ /map:match Even when the test succeeds I see the showTestFailedPage when using the cocoon:/ protocol, but everything works fine if I take out the cocoon:/ (to use HTTP redirects). I'd really prefer to use internal redirects, so how come it doesn't work? I might well be missing something. Thank you for your help! -- - Jentro Technologies GmbH John L. Webber, Software Development - Rosenheimer Str. 145e 81671 München Tel. +49 89 189 169 80 mailto:[EMAIL PROTECTED] Fax +49 89 189 169 99 http://www.jentro.com - NOTICE: The information contained in this e-mail is confidential or may otherwise be legally privileged. It is intended for the named recipient only. If you have received it in error, please notify us immediately by reply or by calling the telephone number above and delete this message and all its attachments without any use or further distribution of its contents. Please note that any unauthorised review, copying, disclosing or otherwise making use of the information is strictly prohibited. Thank you. - - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Discover the best of the best at MSN Luxury Living. http://lexus.msn.com/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
map:redirect-to...
Hey guys, I'm having a strange problem with map:redirect-to, where it doesn't seem to work right when I use the cocoon:/ protocol. Here's my example code: map:match pattern=secure/doTest map:act type=perform-test !-- Test succeeded. -- map:redirect-to uri=cocoon:/showTestSucceededPage/ /map:act !-- Test failed. -- map:redirect-to uri=cocoon:/showTestFailedPage/ /map:match Even when the test succeeds I see the showTestFailedPage when using the cocoon:/ protocol, but everything works fine if I take out the cocoon:/ (to use HTTP redirects). I'd really prefer to use internal redirects, so how come it doesn't work? I might well be missing something. Thank you for your help! _ Dont just search. Find. Check out the new MSN Search! http://search.msn.click-url.com/go/onm00200636ave/direct/01/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Wildcards in select map:when tests?
Hi guys, I was wondering if there's a way to use wildcards in selector map:when tests, like: map:when test=show* ... /map:when Btw, I'm using a parameter selector currently. Thanks, Sonny _ Tired of slow downloads? Compare online deals from your local high-speed providers now. https://broadband.msn.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Re: [XSP] Java variables within tag attributes
Ok, more specifically, here's what I did... 1.) I had a mostly static XHTML doc in which I wanted to fill in a 2-3 sections with dynamic content. For each such section I embedded a mysite:content replace-with=someGeneralContentName/ 2.) I wrote a simple stylesheet like: xsl:stylesheet version=1.0 xsl:param name=pageTitle select='Welcome to RedPouch.com'/ xsl:template match=mysite:[EMAIL PROTECTED]'pageTitle'] cinclude:include src={$pageTitle}/ /xsl:template xsl:template match=@*|node() priority=-1 xsl:copy xsl:apply-templates select=@*|node()/ /xsl:copy /xsl:template /xsl:stylesheet As you can see, pageTitle is one instance of a general content name. 3.) In the sitemap you'd do something like: ... map:transform type=xslt src=xsl/myStyleSheet.xsl map:parameter name=pageTitle value={request-param:someParamFromRequest/ /map:transform map:transform type=cinclude/ That's about it. :-) Sonny From: Jan Wielgus [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: Re: [XSP] Java variables within tag attributes Date: Sat, 1 Nov 2003 21:20:50 +0100 Hi Jan, I did a similar thing by using by writing an XSLT stylesheet that declares an xsl:param, passing the param from my sitemap using map:transform, and having the XSLT stylesheet fill in the src attribute value for the cinclude. After that stage is done, you can pass it through the cinclude transformer. Would you give me a little code-example, if possible? Jan - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Want to check if your PC is virus-infected? Get a FREE computer virus scan online from McAfee. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Logging broken in 2.1.2?
Oh, I had no idea...it certainly has had me perplexed. I'm specifically trying to log with a custom Action that I wrote, so that'd be considered a sitemap component. Can you guys post a note on the User's list if it changes again? When do you think it might change again? Thanks for the insight, Sonny From: Unico Hommes [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED],[EMAIL PROTECTED] Subject: RE: Logging broken in 2.1.2? Date: Thu, 30 Oct 2003 09:58:51 +0100 Are you talking about a sitemap component? In that case, yes, something changed recently. Sitemap components get their logger categories prepended with sitemap. This means that if you do generator logger=sitemap.generator.my ... / the category of the logger that gets assigned to this generator will actually be sitemap.sitemap.generator.my. For the moment you can only assign a logger relative to the sitemap category. We are currently discussing this issue at the dev list. This behavior will probably change again in the future. Regards, Unico -Original Message- From: Sonny Sukumar [mailto:[EMAIL PROTECTED] Sent: woensdag 29 oktober 2003 23:58 To: [EMAIL PROTECTED] [Hey all, I sent this yesterday but didn't get any response. I really haven't been able to figure it out.] Hi guys, Ever since I upgraded to 2.1.2 (release version) my application's logging hasn't been working at all. It's set to work with LogFactor5 and worked perfectly before I upgraded. I'm outputting my logging messages using the debug log level, but I tried all other log levels and nothing seems to get logged. This is making it very difficult for me to test my app. Can anybody help? Thanks, Sonny _ Concerned that messages may bounce because your Hotmail account has exceeded its 2MB storage limit? Get Hotmail Extra Storage! http://join.msn.com/?PAGE=features/es - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Never get a busy signal because you are always connected with high-speed Internet access. Click here to comparison-shop providers. https://broadband.msn.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Logging broken in 2.1.2?
[Hey all, I sent this yesterday but didn't get any response. I really haven't been able to figure it out.] Hi guys, Ever since I upgraded to 2.1.2 (release version) my application's logging hasn't been working at all. It's set to work with LogFactor5 and worked perfectly before I upgraded. I'm outputting my logging messages using the debug log level, but I tried all other log levels and nothing seems to get logged. This is making it very difficult for me to test my app. Can anybody help? Thanks, Sonny _ Concerned that messages may bounce because your Hotmail account has exceeded its 2MB storage limit? Get Hotmail Extra Storage! http://join.msn.com/?PAGE=features/es - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tomcat/Cocoon mysteriously stop responding...
Hey guys, I've had the persistent problem with Tomcat/Cocoon over some months now where when I go to bed my Tomcat/Cocoon server is functioning just fine and I can access all web pages, both static and dynamically generated (from a backend db). But when I wake up and try to access the pages the connection just times out and I get a totally blank response. This doesn't happen every single day, but often enough to be annoying. We're soon going live with the site, so this happening **at all** is a scary thought. I can't seem to figure out what the problem could be. Is it Tomcat or is it Cocoon? Restarting Tomcat almost always solves the problem. I've had this problem through all my Tomcat upgrades (4.1.12 all the way to 4.1.27 now) and my Cocoon upgrades (from 2.0.x all the way until latest 2.1.2). Has anybody else experienced this? Any idea what it could be? Thanks! Sonny _ Fretting that your Hotmail account may expire because you forgot to sign in enough? Get Hotmail Extra Storage today! http://join.msn.com/?PAGE=features/es - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: xsl:param doesn't accept default values?
Your closing tag should be /xsl:param. From: Mathias Wiegard [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: xsl:param doesn't accept default values? Date: Wed, 22 Oct 2003 17:30:59 +0200 Hi, I'm trying to write an XSLT where a parameter has to have an default value. So I used the basic mechanism with xsl:param name=acmedefault/param my XSLT-Transformation in Cocoon doesn't take it? Bug? Mat - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Fretting that your Hotmail account may expire because you forgot to sign in enough? Get Hotmail Extra Storage today! http://join.msn.com/?PAGE=features/es - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Pass sitemap params to xslt transformer?
--Update-- I tried the map:transform without passing any map:parameters at all, so just the default xsl:param value in the XSL stylesheet will be used (see prev. message below). I also made the template simpler. Just this now: xsl:template match=rp:[EMAIL PROTECTED]'centerPage'] cinclude:include src=$centerPage / /xsl:template Anyhow, the output I'm getting is: cinclude:include xmlns:cinclude=http://apache.org/cocoon/include/1.0; src=$centerPage/ This indicates the param *value* isn't being substituted. Why might this be? From: Sonny Sukumar [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: RE: Pass sitemap params to xslt transformer? Date: Sat, 11 Oct 2003 12:55:20 -0700 Ok, I can't get the map:parameter value to work in the XSL. I keep getting a ResourceNotFoundException. I even tried hardcoding the map:parameter value, but it still doesn't work. Here's the sitemap map:transform: map:transform type=xslt src=mysite/xsl/customerFacingTemplate.xsl map:parameter name=centerPage value=cocoon:/internal/showProduct?productId=00123/ /map:transform The XSL is: ?xml version=1.0? xsl:stylesheet xmlns:xsl=http://www.w3.org/1999/XSL/Transform; version=1.0 xmlns:rp=http://www.redpouch.com/rp; xmlns:cinclude=http://apache.org/cocoon/include/1.0; xsl:param name=centerPage value=home/ xsl:template match=rp:[EMAIL PROTECTED] cinclude:include src=[EMAIL PROTECTED]/ /xsl:template !-- 1 other template to copy all other tags over -- /xsl:stylesheet The specific error is this: org.apache.cocoon.ProcessingException: Failed to execute pipeline.: java.lang.RuntimeException: org.apache.cocoon.ResourceNotFoundException: Resource not found.: org.apache.excalibur.source.SourceNotFoundException: file:/usr/local/tomcat/webapps/cocoon/$centerPage doesn't exist Any ideas?? Thanks, Sonny From: Horsfield, Peter A. [EMAIL PROTECTED] Absolutely: map:transform type=xslt map:parameter name=paramName value={1} / /map:transform Then, in your XSLT file at the top level (under stylesheet) xsl:param name=paramName value=defaultvalue / I've had problems using hyphens in parameter names, however. Peter -Original Message- From: Sonny Sukumar [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 08, 2003 3:03 PM To: [EMAIL PROTECTED] Subject: Pass sitemap params to xslt transformer? Is there any way to pass *sitemap* parameters to the xslt transformer (TraxTransformer)? I know there's a use-request-parameters option to use request parameters, but that's not what I want to do. I want to at least be able to pass in the request URI (e.g. requestUri in http://www.mysite.com/requestUri?id=12345;), but passing in parameters with names/values of my choosing from the sitemap would be better. Thanks for the help, Sonny _ Add MSN 8 Internet Software to your existing Internet access and enjoy patented spam protection and more. Sign up now! http://join.msn.com/?page=dept/byoa - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Add MSN 8 Internet Software to your existing Internet access and enjoy patented spam protection and more. Sign up now! http://join.msn.com/?page=dept/byoa - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Help protect your PC. Get a FREE computer virus scan online from McAfee. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Pass sitemap params to xslt transformer?
Hi Con, Thank you very much for your suggestions. I implemented both suggestions and now I get: cinclude:include xmlns:cinclude=http://apache.org/cocoon/include/1.0; src=/ Here's my stylesheet: ?xml version=1.0? xsl:stylesheet xmlns:xsl=http://www.w3.org/1999/XSL/Transform; version=1.0 xmlns:rp=http://www.mysite.com/rp; xmlns:cinclude=http://apache.org/cocoon/include/1.0; xsl:param name=centerPage value='home'/ xsl:template match=rp:[EMAIL PROTECTED]'centerPage'] cinclude:include src={$centerPage} / /xsl:template !---+ | If a specific template does not exist for the current node, simply copy | it to the result document. +-- xsl:template match=@*|node() priority=-1 xsl:copy xsl:apply-templates select=@*|node()/ /xsl:copy /xsl:template /xsl:stylesheet Thanks again, Sonny From: Conal Tuohy [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: RE: Pass sitemap params to xslt transformer? Date: Sun, 12 Oct 2003 14:42:36 +1300 Sonny, you need: cinclude:include src={$centerPage}/ Note the curly brackets! This is an Attribute Value Template. If you miss the { } then $centerPage is interpreted as a string literal! Also, the parameter declaration looks wrong to me. I'm not sure, I don't think you really want: xsl:param name=centerPage value=home/ This will assign the centerPage variable a value equal to the nodeset containing the root node of your document, if that node's name is home, or if that's not the name of the root node, then centerPage will equal the empty nodeset. I think you probably want: xsl:param name=centerPage value='home'/ This would assign it the string literal home Cheers Con -Original Message- From: Sonny Sukumar [mailto:[EMAIL PROTECTED] Sent: Sunday, 12 October 2003 11:07 To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Pass sitemap params to xslt transformer? --Update-- I tried the map:transform without passing any map:parameters at all, so just the default xsl:param value in the XSL stylesheet will be used (see prev. message below). I also made the template simpler. Just this now: xsl:template match=rp:[EMAIL PROTECTED]'centerPage'] cinclude:include src=$centerPage / /xsl:template Anyhow, the output I'm getting is: cinclude:include xmlns:cinclude=http://apache.org/cocoon/include/1.0; src=$centerPage/ This indicates the param *value* isn't being substituted. Why might this be? From: Sonny Sukumar [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: RE: Pass sitemap params to xslt transformer? Date: Sat, 11 Oct 2003 12:55:20 -0700 Ok, I can't get the map:parameter value to work in the XSL. I keep getting a ResourceNotFoundException. I even tried hardcoding the map:parameter value, but it still doesn't work. Here's the sitemap map:transform: map:transform type=xslt src=mysite/xsl/customerFacingTemplate.xsl map:parameter name=centerPage value=cocoon:/internal/showProduct?productId=00123/ /map:transform The XSL is: ?xml version=1.0? xsl:stylesheet xmlns:xsl=http://www.w3.org/1999/XSL/Transform; version=1.0 xmlns:rp=http://www.redpouch.com/rp; xmlns:cinclude=http://apache.org/cocoon/include/1.0; xsl:param name=centerPage value=home/ xsl:template match=rp:[EMAIL PROTECTED] cinclude:include src=[EMAIL PROTECTED]/ /xsl:template !-- 1 other template to copy all other tags over -- /xsl:stylesheet The specific error is this: org.apache.cocoon.ProcessingException: Failed to execute pipeline.: java.lang.RuntimeException: org.apache.cocoon.ResourceNotFoundException: Resource not found.: org.apache.excalibur.source.SourceNotFoundException: file:/usr/local/tomcat/webapps/cocoon/$centerPage doesn't exist Any ideas?? Thanks, Sonny From: Horsfield, Peter A. [EMAIL PROTECTED] Absolutely: map:transform type=xslt map:parameter name=paramName value={1} / /map:transform Then, in your XSLT file at the top level (under stylesheet) xsl:param name=paramName value=defaultvalue / I've had problems using hyphens in parameter names, however. Peter -Original Message- From: Sonny Sukumar [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 08, 2003 3:03 PM To: [EMAIL PROTECTED] Subject: Pass sitemap params to xslt transformer? Is there any way to pass *sitemap* parameters to the xslt transformer (TraxTransformer)? I know there's a use-request-parameters option to use request parameters, but that's not what I want to do. I want to at least be able to pass in the request URI (e.g. requestUri in http://www.mysite.com/requestUri?id=12345;), but passing in parameters with names/values of my choosing from the sitemap would be better. Thanks for the help, Sonny _ Add MSN 8 Internet Software
RE: Pass sitemap params to xslt transformer?
From: Conal Tuohy [EMAIL PROTECTED] Sonny Sukumar wrote: Now here's the more general thing I'd like to do... The XML doc I'm transforming has a tag like this: rp:content replace-with=navigationMenu/ and, using my XSL stylesheet, I want to transform it to this: cinclude:include src=someSpecificSourceName/ The catch (and why I'm using xsl:params) is that the src for the cinclude:include should be an xsl:param passed into the XSL stylesheet with the navigationMenu name (in this example). So I'm trying to write a template to do this. Here's what I'm trying, but is not working: xsl:template match=rp:[EMAIL PROTECTED] cinclude:include src=[EMAIL PROTECTED]/ /xsl:template This is the output: cinclude:include xmlns:cinclude=http://apache.org/cocoon/include/1.0; src=/ Note the src=. What am I doing incorrectly? You can't do nested attribute values in XSLT. It seems to me you should just use: xsl:template match=rp:[EMAIL PROTECTED]'navigationMenu'] cinclude:include src={$navigationMenu}/ /xsl:template Ahh darn. It seems ironic that a recursive language like XSLT doesn't support nesting of brackets like this. Do you know if there is a fundamental reason for this, or is it something that hasn't been implemented in the XSLT spec yet? XSLT has been around for awhile, so I think if it were going to have this feature, it probably already would have. Anyhow, while it's disappointing that I can't do a more general version (to match all possible replace-with strings), this will work for my current needs. Thanks for all of your help, and I'll post again if I have some more problems with this. Best regards, Sonny _ Try MSN Messenger 6.0 with integrated webcam functionality! http://www.msnmessenger-download.com/tracking/reach_webcam - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Pass sitemap params to xslt transformer?
From: Conal Tuohy [EMAIL PROTECTED] You can't do nested attribute values in XSLT. It seems to me you should just use: xsl:template match=rp:[EMAIL PROTECTED]'navigationMenu'] cinclude:include src={$navigationMenu}/ /xsl:template Ahh darn. It seems ironic that a recursive language like XSLT doesn't support nesting of brackets like this. Do you know if there is a fundamental reason for this, or is it something that hasn't been implemented in the XSLT spec yet? XSLT has been around for awhile, so I think if it were going to have this feature, it probably already would have. The reason is that recursive AVT would mean referring to the value of a variable with a particular name, where the name was computed at runtime. XSLT doesn't do this, and neither do most languages: C, Java, etc, none of them do this. That's true, although PHP does it. Variable variables I think they call it. Would be nice! Anyhow, while it's disappointing that I can't do a more general version (to match all possible replace-with strings), this will work for my current needs. Of course, you'll need to pass all possible replace-with strings as individual parameters, too, won't you? So you have to deal with each one independently in any case. Yes, that's true. It's just a small consolation to write general template and simply add param declarations. Cheers Con PS probably you'd have better luck with this kind of question on the MulberryTech XSL list. MulberryTech eh? Sounds familiar, although I'm not sure what it is. I'll take a look though...thanks for the tip! Thanks again, Sonny _ Try MSN Messenger 6.0 with integrated webcam functionality! http://www.msnmessenger-download.com/tracking/reach_webcam - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
request:requestURI vs requestURI:requestURI
Hey guys, Does anybody know the difference between {request:requestURI} and {requestURI:requestURI}? I was discussing these things with Tony and Peter on the list yesterday, but I didn't get this quite clear in my mind. Do either of these return the full query string as well? I think I need that. FYI, the requestURI refers is not declared in cocoon.xconf by default (apparently) and refers to this class: http://cocoon.apache.org/2.1/apidocs/org/apache/cocoon/components/modules/input/RequestURIModule.html Thanks, Sonny _ Add MSN 8 Internet Software to your existing Internet access and enjoy patented spam protection and more. Sign up now! http://join.msn.com/?page=dept/byoa - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Pass sitemap params to xslt transformer?
Is there any way to pass *sitemap* parameters to the xslt transformer (TraxTransformer)? I know there's a use-request-parameters option to use request parameters, but that's not what I want to do. I want to at least be able to pass in the request URI (e.g. requestUri in http://www.mysite.com/requestUri?id=12345;), but passing in parameters with names/values of my choosing from the sitemap would be better. Thanks for the help, Sonny _ Add MSN 8 Internet Software to your existing Internet access and enjoy patented spam protection and more. Sign up now! http://join.msn.com/?page=dept/byoa - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Pass sitemap params to xslt transformer?
From: Horsfield, Peter A. [EMAIL PROTECTED] Absolutely: map:transform type=xslt map:parameter name=paramName value={1} / /map:transform Then, in your XSLT file at the top level (under stylesheet) xsl:param name=paramName value=defaultvalue / I've had problems using hyphens in parameter names, however. Is this a known bug in Cocoon? Peter -Original Message- From: Sonny Sukumar [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 08, 2003 3:03 PM To: [EMAIL PROTECTED] Subject: Pass sitemap params to xslt transformer? Is there any way to pass *sitemap* parameters to the xslt transformer (TraxTransformer)? I know there's a use-request-parameters option to use request parameters, but that's not what I want to do. I want to at least be able to pass in the request URI (e.g. requestUri in http://www.mysite.com/requestUri?id=12345;), but passing in parameters with names/values of my choosing from the sitemap would be better. Thanks for the help, Sonny _ Add MSN 8 Internet Software to your existing Internet access and enjoy patented spam protection and more. Sign up now! http://join.msn.com/?page=dept/byoa - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Get McAfee virus scanning and cleaning of incoming attachments. Get Hotmail Extra Storage! http://join.msn.com/?PAGE=features/es - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Pass sitemap params to xslt transformer?
From: Tony Collen [EMAIL PROTECTED] Sonny Sukumar wrote: Is there any way to pass *sitemap* parameters to the xslt transformer (TraxTransformer)? I know there's a use-request-parameters option to use request parameters, but that's not what I want to do. I want to at least be able to pass in the request URI (e.g. requestUri in http://www.mysite.com/requestUri?id=12345;), but passing in parameters with names/values of my choosing from the sitemap would be better. Yes, this is quite easy: map:match pattern=*.foo map:generate src=docs/bar.xml/ map:transform src=stylesheets/whatever.xsl map:parameter name=uri value={1}/ /map:transform map:serialize/ /map:match Hey thanks for that simple insight! You may also want to check out the requestURI input module Hmm, did you mean {request:requestURI} ? I did a quick Google search and that's all I found. I know some of these input modules were renamed within the past few months. _ Instant message in style with MSN Messenger 6.0. Download it now FREE! http://msnmessenger-download.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Pass sitemap params to xslt transformer?
From: Tony Collen [EMAIL PROTECTED] Sonny Sukumar wrote: Interestingit's not defined in my cocoon.xconf file, and I just upgraded to Cocoon 2.1.2 a couple of days ago when it came out. I know I excluded unstable blocks, etcis it considered unstable? Nope, I don't think so, you'll have to manually add it, it seems. Hmm ok, seems fairly new. I can't find an example of its usage either...do you have a 1-line syntax example handy? Thanks. Tony - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Instant message in style with MSN Messenger 6.0. Download it now FREE! http://msnmessenger-download.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Modifying Sitemap Causes Server Down Time!
Hi guys, I was running Cocoon 2.1.1 (a dev release from 1 week after the official release of 2.1) and I just changed my serializer in one of my pipelines to html from xml (it was supposed to be set to html), and then after that the server doesn't respond to any requests at all. I just get incessant timeouts and stopping/restarting Tomcat doesn't work. I have to actually reboot our server and start Tomcat again to get it to work. As you might imagine, this wastes all kinds of dev time, causes server downtime, and is just plain annoying. What could be wrong? I thought the sitemap is supposed to editable while Tomcat/Cocoon are running? I only changed 2 chars Thanks! Sonny _ Add MSN 8 Internet Software to your existing Internet access and enjoy patented spam protection and more. Sign up now! http://join.msn.com/?page=dept/byoa - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Need Session Help!
From: Tim Olson [EMAIL PROTECTED] My concern is that since URL encoding exposes the session ID in plain view, it's as good as compromised despite using SSL to encrypt it once the customer logs in. Was that why you were saying to only use session cookies everywhere? yes Ok, I see, but a session cookie is also compromised in a similar manner before heading into a protected area where the connection is encrypted. that's why you ensure that your first request is over https Hmm, I understand, but that mean encrypting every single request (via an SSL connection) to the e-comm site wouldn't it? After a session cookie is set (for any reason), isn't it sent along with every subsequent server request? Assuming it is, every request (even for product pages and general browsing) has to be encrypted, which doesn't seem practical. That's why I was asking if one could simply reset the session ID after logging in--but without losing the session contents. Sure, it's not nearly as clearly compromised as with URL encoding, but it is still sent in clear text to the server for each request. not with ssl. ssl will encrypt the entire http header including the cookie Right, server requests for general browsing shouldn't be encrypted (I don't know any e-comm site that does). In any case, to solve the problem, is there some way to force the server (Tomcat for us) to change the session ID referencing the same session once the user logs into a protected area? session.invalidate() But doesn't that discard the session? _ Get McAfee virus scanning and cleaning of incoming attachments. Get Hotmail Extra Storage! http://join.msn.com/?PAGE=features/es - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Need Session Help!
From: Joerg Heinicke [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: Need Session Help! Date: Sat, 27 Sep 2003 00:55:52 +0200 Sonny Sukumar wrote: Hi guys, I know I've brought up some session questions before, and I gained great insight from those discussions, but there's some issues I want to understand better before I make implementation decisions. Assume the context of a B2C e-commerce site when considering these issues ---Assume URL encoding is being used because a customer has all cookies turned off. 1.) Customer puts a few items in her shopping cart. 2.) Customer logs in to view some account details. 3.) Customer then sees her friend on IM and copies a product page URL to her friend. This URL contains her session ID. 4.) The friend clicks on the link and views the product page. However, she now can click on My Account or whatever or My Cart, and because she'll appear to be the first customer (she has the same session ID), she can view all the personal details she shouldn't be able to. What's the best way to go here? What about binding the session on an IP address? As I wrote the last time I don't like cookies (security problem if somebody does not logout explicitely). With either URL encoding or session cookies you're going to be logged in if you don't explicitly log out (i.e. click a Log out link on the site). This is just because closing the browser still leaves the session object in memory on the server until it times out. Having said that, session cookies do *not* require an explicit logout (from what info I've gathered) because they're resident in memory and not stored on the hard drive, so closing the browser destroys the session cookie. Closing the browser with URL encoding, on the other hand, still potentially leaves that session ID copied to somebody who shouldn't have it, written to some web server log, etc. That's why I prefer session cookies to URL encoding, although I do understand that some % of people choose to block all cookies entirely. For link rewriting you have the problem above. So why not testing server side if the login for a specific session was done using the same IP as the current request. The friend who got the copied link has not a valid IP/sessionid combination - and has to login itself. Yeah, that's a good idea (in theory at least) if you're going to use URL rewriting. I suppose one could get the IP with Request.getRemoteAddr() and get the session ID with Session.getId(), but then you'd need to maintain a mapping between all the session IDs and all the requesting host IPs within your application. This seems like duplicating the session management effort that Tomcat is expending, so isn't there some way to get Tomcat to check that a sent session ID matches with a previously recorded IP? Sonny Joerg _ High-speed Internet access as low as $29.95/month (depending on the local service providers in your area). Click here. https://broadband.msn.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Need Session Help!
: Re: Need Session Help! Date: Wed, 24 Sep 2003 17:49:15 -0600 (CST) Sonny Sukumar dijo: Hi guys, I know I've brought up some session questions before, and I gained great insight from those discussions, but there's some issues I want to understand better before I make implementation decisions. Assume the context of a B2C e-commerce site when considering these issues ---Assume URL encoding is being used because a customer has all cookies turned off. 1.) Customer puts a few items in her shopping cart. 2.) Customer logs in to view some account details. 3.) Customer then sees her friend on IM and copies a product page URL to her friend. This URL contains her session ID. 4.) The friend clicks on the link and views the product page. However, she now can click on My Account or whatever or My Cart, and because she'll appear to be the first customer (she has the same session ID), she can view all the personal details she shouldn't be able to. Yep. This is the cruel true. Some systems does not allow people to LogIn if they have not cokies enable (SquirrelMail is one of them). What's the best way to go here? I'm thinking that if A.) a given page allows URL encoding to be used and B.) it contains *any* sensitive info that shouldn't be seen even if the URL is copied and C.) even if the customer is already logged in then the customer should have to log in to see that page every time that page is requested. This seems like a hard policy to implement though (and tedious for the customer), and I don't see any support for it in the Auth Framework. Auth-FW use the session-FW. If you does not give the jsessionid=277C6FCB22B55AAF661F381AA867FC73 then the friend will need to LogIn too. Some sites allow you to post the links to friends with or without cokies, but when you decide to checkout you need to write your password again. This can be one solution. After all, if you have the session ID and the authentication context is in the session, then you're considered logged in. And with URL encoding, anybody could go and view your account details. Yep. For the time the session is valid. So I don't like URL encoding. :-) However, I'm worried about losing customers who don't have cookies turned on and I notice that most major e-commerce sites allow URL encoding. What would you do? --Should I ever allow URL encoding during the secure checkout process? The answer is above for URL encoding: The user must reenter the password. In theory it seems like if I'm storing a super sensitive piece of data like a credit card number in the session, then I wouldn't want the session ID being so visible as it is when in the URL textbox at the top of the browser window. No, I think the session cannot have too many info. All this info must be stored in a database and picked from there just only when you need it. It is not fine to let credit card info fly into the internet with no sense. URLs are also often stored in web server logs and other places, and if it contains the session ID this can spell trouble because there's a window of vulnerability. Our session timeout is set to 4 hours, so that's 4 hours during which somebody could access that sensitive info. I agree, but the window will be smaller if the user need to reenter the password. On the other hand, if pages coming before the checkout allow URL encoding and the checkout process doesn't, then that gives the impression that the site will always work even with session cookies turned off. Then the customer finally finds what she wants, puts it in her cart, and heads to checkout--only to find that she needs to have cookies enabled! I'm not sure that's the best way to go, although it can be argued from a security perspective (but customers are emotional and won't consider technical/security aspects for a second). I think with the increments of e-frauds they are really concerning about this. Many people often ask me about if is secure buy in the Net. Also they also are concerned if they can trust in the site. OK, this is just my view of the situation. Often some people ask me to be there when they will buy, just to be sure all will be OK and they will not give away more info that needed. Media are helping us in this arena. I think people is getting into the e-commerce slowly, becuse they know, there can be problems and they dont want to pay a bill from a e-fraud. --If URL encoding was being used on a previous page, and then now (say 5 minutes later, or sometime later that still comes before the session times out) session cookies are enabled, would it still be possible to use the previously encoded session ID to access the session? Or would Tomcat destroy that session ID key as soon as it recognizes it can use cookies? Dont know. For example, if my encoded session ID was ABCD (just an example!), and now I turn on cookies so the next page I request has no more encoded session ID, can I still somehow use
Re: Need Session Help!
I would be most grateful if some of you guys could weigh in on this. I'm trying to implement a secure and solid sessions strategy on an e-commerce website, and I've tried to summarize my current understanding below with some additional questions, both high and low level. This would also be quite beneficial for everybody in the same situation in the future, as our discussion will be logged in the archives for posterity. :-) Thanks, Sonny From: Sonny Sukumar [EMAIL PROTECTED] Hey all, Antonio brought up some good points (in line below) which made me really think, and so the following is my current understanding of how sessions should be implemented with some additional questions I thought of along the way. Again, please consider my thoughts in the context of a B2C e-commerce site --I think we agree that, although URL encoding has its pitfalls, it is an option that should be provided for generally browsing the B2C e-commerce website (product pages and the like) but not for viewing pages with sensitive information (like account detail pages and checkout pages). It should be provided for browsing because it is, in a way, asking too much to force a customer to enable session cookies just to browse, when there's no tangible benefit to the customer. For viewing sensitive pages, on the other hand, the tangible benefit is security and ease of use. --Why ease of use? I mentioned this because I think sufficient security *can* be provided for sensitive pages using URL encoding, but it would require a customer to log in *every* time she requests a protected page. This is because links can easily be copied to friends and by other means, which exposes the session ID and hence the session, so every single request must be treated like a potential Black Hat is trying to hijack the session and steal precious data. This seems too tedious for anybody to bear. With a session cookie, on the other hand, the session ID isn't going to wind up in web server logs, in plain text in the URL textbox at the top of the browser window, getting copied to friends and posted on discussion boards, etc. It is simply stored in RAM on a single customer's computer and is exposed only when being sent for each request. --Granted, this is still a significant risk, as the cookie could rather easily be captured if not encrypted, so an SSL connection is in order. But this seems to be a moot point because the connection should be encrypted anyway after logging into a protected part of the site. So the same encryption that protects the sensitive form/document data being sent back and forth will also protect the HTTP request header containing the cookie, from what I understand about SSL. (It does encrypt the whole HTTP packet, right?) --Antonio also raised the issue of whether to store data like a credit card number in the session, stating that it'd probably be better stored in the database and fetched later. I a.) It's slow (have to go to backend server + get data from disk vs. reading from memory on front end server). b.) Since we have no way of knowing when a customer closes her browser and stops shopping (terminating her session), how would we expunge this data from the database in a timely manner? c.) Our current policy is to never store a full credit card number in the database, but only the last 4 digits and this only after the transaction is processed and goes through. Rather, we just store the number in the session so we can later send it to the payment processor (over another SSL connection) d.) If we're still fetching the data based upon a session ID, it seems like a moot point to talk about where to store the data. Rather, it seems the question of how to protect the session ID is still the crucial issue. Despite the thoughts I listed above, I'd be interested to hear all your thoughts on this, as I could very well be missing things. --Another question: When switching from URL encoding to using a session cookie or vice versa during the *same* session, is the same session ID used? If so, then let's say a customer came to the site with session cookies disabled and browsed around for awhile using URL encoding. Say she copied links to a few of her friends (containing her session ID, of course) and now she goes to checkout. She discovers she needs to enable session cookies to log in and does so. Now she goes about entering sensitive personal info which is to be stored in the session. However, if her session ID is still the same as it was when using URL encoding, then the SSL protection for the cookie being sent back and forth is worthless. Or am I missing something here? --Using URL encoding for general browsing still exposes one's shopping cart to being seen and being changed since logging in isn't currently required to view/change the cart. Ideally, I'd like the cart to be protected as well so each customer has a truly private experience, whether URL
RE: Need Session Help!
to process a request is sent in the URL or in a form. this allows you to load balance a web cluster without the overhead of session replication. it also avoids the back button problem. even more, it allows you to reorganize the order of your pages with minimal effort. all credit card data is of course encrypted with an application private key. we also store credit card info in a separate database from the main data. all user passwords are hashed (non-reversably) as soon as they arrive and are never handled as plaintext. SSL does protect the entire HTTP header, including the requested URL and any exchanged cookies. make sure that your initial request is also over HTTPS or else the initial setting of the session cookie may be exposed. to enforce cookie use, just bounce them to the login page if no cookie is sent. if you're using standard container-managed sessions and the authentication framework, just set a userID in the session when the user logs in. for auth-protected resources, just check to see if that ID has been set. From: Sonny Sukumar [mailto:[EMAIL PROTECTED] I would be most grateful if some of you guys could weigh in on this. I'm trying to implement a secure and solid sessions strategy on an e-commerce website, and I've tried to summarize my current understanding below with some additional questions, both high and low level. This would also be quite beneficial for everybody in the same situation in the future, as our discussion will be logged in the archives for posterity. :-) Thanks, Sonny From: Sonny Sukumar [EMAIL PROTECTED] Hey all, Antonio brought up some good points (in line below) which made me really think, and so the following is my current understanding of how sessions should be implemented with some additional questions I thought of along the way. Again, please consider my thoughts in the context of a B2C e-commerce site --I think we agree that, although URL encoding has its pitfalls, it is an option that should be provided for generally browsing the B2C e-commerce website (product pages and the like) but not for viewing pages with sensitive information (like account detail pages and checkout pages). It should be provided for browsing because it is, in a way, asking too much to force a customer to enable session cookies just to browse, when there's no tangible benefit to the customer. For viewing sensitive pages, on the other hand, the tangible benefit is security and ease of use. --Why ease of use? I mentioned this because I think sufficient security *can* be provided for sensitive pages using URL encoding, but it would require a customer to log in *every* time she requests a protected page. This is because links can easily be copied to friends and by other means, which exposes the session ID and hence the session, so every single request must be treated like a potential Black Hat is trying to hijack the session and steal precious data. This seems too tedious for anybody to bear. With a session cookie, on the other hand, the session ID isn't going to wind up in web server logs, in plain text in the URL textbox at the top of the browser window, getting copied to friends and posted on discussion boards, etc. It is simply stored in RAM on a single customer's computer and is exposed only when being sent for each request. --Granted, this is still a significant risk, as the cookie could rather easily be captured if not encrypted, so an SSL connection is in order. But this seems to be a moot point because the connection should be encrypted anyway after logging into a protected part of the site. So the same encryption that protects the sensitive form/document data being sent back and forth will also protect the HTTP request header containing the cookie, from what I understand about SSL. (It does encrypt the whole HTTP packet, right?) --Antonio also raised the issue of whether to store data like a credit card number in the session, stating that it'd probably be better stored in the database and fetched later. I a.) It's slow (have to go to backend server + get data from disk vs. reading from memory on front end server). b.) Since we have no way of knowing when a customer closes her browser and stops shopping (terminating her session), how would we expunge this data from the database in a timely manner? c.) Our current policy is to never store a full credit card number in the database, but only the last 4 digits and this only after the transaction is processed and goes through. Rather, we just store the number in the session so we can later send it to the payment processor (over another SSL connection) d.) If we're still fetching the data based upon a session ID, it seems like a moot point to talk about where to store the data. Rather, it seems the question of how to protect the session ID is still the crucial issue. Despite the thoughts I
RE: Need Session Help!
From: Tim Olson [EMAIL PROTECTED] How much overhead does session replication actually cause vs. fetching everything from the database on every request? session replication across a cluster can be very expensive because session modifications are O(n) where n is the number of nodes. it's ok if your sessions are light, but it could become a network jam with heavy sessions and many nodes. Good point, although we haven't gotten to the stage where we need a web cluster (we certainly plan to, however). The shopping cart is the main thing we store in the session during the browsing process, and then much more data is stored in the session during the checkout process. I suppose that's one reason why some of the larger e-comm sites have dedicated servers for the checkout process. My concern is that since URL encoding exposes the session ID in plain view, it's as good as compromised despite using SSL to encrypt it once the customer logs in. Was that why you were saying to only use session cookies everywhere? yes Ok, I see, but a session cookie is also compromised in a similar manner before heading into a protected area where the connection is encrypted. Sure, it's not nearly as clearly compromised as with URL encoding, but it is still sent in clear text to the server for each request. I think a Black Hat could snatch it during one of these requests and later use it to request a protected page. Presumably, Black Hat couldn't use a standard web browser client to pull this off, but it's certainly feasible to write a client app that makes HTTP requests with a specified cookie embedded in the request header. Then the returned data could easily be saved and viewed in a regular browser or analyzed in some other not-so-sophisticated way. Which reminds me...is it possible to make certain URIs only accessible over an SSL connection? (Or over a certain port? because we'd know which port is the SSL port). But I'm guessing this wouldn't really do anything to help either because Black Hat could just initiate an SSL connection to that port anyway, right? In any case, to solve the problem, is there some way to force the server (Tomcat for us) to change the session ID referencing the same session once the user logs into a protected area? This would invalidate the session ID that Black Hat stole and not let him make bogus requests to steal sensitive session data. --Btw, are there any data indicating how many people surf the web with session cookies off? I'm only concerned with session cookies (which are only stored in RAM), and not normal cookies (which are stored on the hard drive). i'd like to see that data too, but i'm sure it's a very small number. also, anyone who knows how to turn their cookies off knows how to turn them back on again. even people who set IE6 to a more restrictive privacy setting generally still have session cookies enabled. we get few customer problems that are related to cookie use. Interesting..thanks for this insight. Our site will be mostly for college and young working women, so I don't think they really know much about setting/unsetting cookiesat least I hope they don't. Thanks again, Sonny _ Instant message in style with MSN Messenger 6.0. Download it now FREE! http://msnmessenger-download.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
How to fetch /authentication/ID in Action?
Hi guys, I'm working on creating a page that's not auth-protected at all, but it needs to show 1 particular piece of info if indeed the user is logged in. The pipeline that generates the page calls an Action, and this action is the thing that calculates the value if the user is logged in. So my question is: How can my Action programmatically determine if the user is logged in and, if so, fetch the /authentication/ID tag contents? For my protected pipelines that need to call actions and use the ID, I've just been using the {ID} returned by the auth-protect action, but I can't do that here. So how do I do it programmatically? Thanks! Sonny _ Fast, faster, fastest: Upgrade to Cable or DSL today! https://broadband.msn.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Wouldn't it be nice if...
From: Bertrand Delacretaz [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: Wouldn't it be nice if... Date: Sat, 13 Sep 2003 08:44:41 +0200 Le Samedi, 13 sep 2003, à 00:36 Europe/Zurich, Sonny Sukumar a écrit : I was just thinking...wouldn't it be nice if one could give a description to each pipeline (or matcher) in thes sitemap and then automatically generate documentation from that telling what each URI does?... I'm not sure if I understand correctly, do you mean something like map:match pattern=someStuff.pdf map:description Generates the PDF version of the live someStuff data /map:description And then generate a page with the patterns and corresponding descriptions? Yup, exactly. I think this is doable already with something like map:match pattern=someStuff.pdf !-- DESC: Generates the PDF version of the live someStuff data -- And an XSLT transform that takes sitemap.xmap as input and uses these DESC comments. But it's a bit hackish ;-) Yeah, that's what I mean. I'd far prefer a more elegant and organized (built-in support) approach, like the example you gave above. Sonny -Bertrand - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Compare Cable, DSL or Satellite plans: As low as $29.95. https://broadband.msn.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Wouldn't it be nice if...
From: Bertrand Delacretaz [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: Wouldn't it be nice if... Date: Sat, 13 Sep 2003 08:53:08 +0200 Le Samedi, 13 sep 2003, à 08:46 Europe/Zurich, Sonny Sukumar a écrit : ..I'd far prefer a more elegant and organized (built-in support) approach, like the example you gave above. Obviously ;-) I like the idea but currently lack the time to work on it myself - would you be able to come up with a patch given some advice from the dev list? Unfortunately not, since I'm working on more than full time (if that's possible ;-) on a Cocoon-based project right now. It sure would be nice though. If so, you might want to ask there. -Bertrand - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Send and receive larger attachments with Hotmail Extra Storage. http://join.msn.com/?PAGE=features/es - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: xsp:attr bug?
Yeah, it can be worked around, but is annoying (as all bugs are). I guess it's not a high enough priority to fix though, while still being a pain to fix. From: Joerg Heinicke [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: xsp:attr bug? Date: Wed, 10 Sep 2003 09:17:56 +0200 It's not the only one: http://nagoya.apache.org/bugzilla/show_bug.cgi?id=15841. These bugs can more or less easily be worked around e.g. by moving the xsp:logic outside the xsp:attribute IIRC. Joerg Sonny Sukumar wrote: How comes this doesn't work?: xsp:attribute name=error xsp:logic if (somVar == null) errorStatus = false; else errorStatus = true; /xsp:logic xsp:exprerrorStatus/xsp:expr /xsp:attribute What is strange to me that Cocoon doesn't complain in producing the Java code, but that it puts the equivalent Java code for xsp:exprerrorStatus/xsp:expr *before* the equivalent code fo the xsp:logic block. So it then fails to compile, saying that variable errorStatus may not have been initialized. So why does Cocoon generate the Java code backwards? Thanks, Sonny - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Send and receive larger attachments with Hotmail Extra Storage. http://join.msn.com/?PAGE=features/es - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
xsp:attr bug?
How comes this doesn't work?: xsp:attribute name=error xsp:logic if (somVar == null) errorStatus = false; else errorStatus = true; /xsp:logic xsp:exprerrorStatus/xsp:expr /xsp:attribute What is strange to me that Cocoon doesn't complain in producing the Java code, but that it puts the equivalent Java code for xsp:exprerrorStatus/xsp:expr *before* the equivalent code fo the xsp:logic block. So it then fails to compile, saying that variable errorStatus may not have been initialized. So why does Cocoon generate the Java code backwards? Thanks, Sonny _ Get 10MB of e-mail storage! Sign up for Hotmail Extra Storage. http://join.msn.com/?PAGE=features/es - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Can't close LogFactor5 windows
Does anybody else have problems closing the LogFactor5 windows that pop up? It doesn't let me close them for some reason, and I end up with them stacking up and taking up precious memory. Thanks for any insights, Sonny _ Fast, faster, fastest: Upgrade to Cable or DSL today! https://broadband.msn.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: No authentication context?
Ahh good point, and I was missing that, but I still can't get it to work after adding the auth-protect. Hmmm, what I want to do is this: 1.) Upon authentication, I store the user's email address in the ID tag in the doc the auth resource returns. 2.) My assumption until this point has been that the authentication context is now created in the session and stays there until the user logs out. Furthemore, I've assumed that I should be able to fetch the ID tag contents at any time while the user is logged in (the email address, in my case). I'm now using auth-protect with the correct handler in the pipeline, but I still get the same error--context authentication can't be found. From: Carsten Ziegeler [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: RE: *SPAM* No authentication context? Date: Wed, 3 Sep 2003 08:49:25 +0200 Hi, you can only get information from the authentication context, if you have the auth-protect action in the pipeline where you use the transformer. HTH Carsten -Original Message- From: Sonny Sukumar [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 03, 2003 8:38 AM To: [EMAIL PROTECTED] Subject: *SPAM* No authentication context? After logging in using the Auth Framework, I try to use the session transformer to fetch the ID in the authentication context, but I get a ProcessingException saying: org.apache.cocoon.ProcessingException: SessionManager.streamContextFragment: Context 'authentication' not found. Here's my syntax: session:getxml context=authentication path=/authentication/ID/ I made sure I really got logged in using auth-loggedIn. I also printed out all session atribute names right after logging in, and there's only 1 named org.apache.cocoon.webapps.authentication.components.DefaultAuthen ticationManager/UserStatus I thought the attribute was just supposed to be authentication? In any case, does that attribute name look correct to you? If my transformer parameters aren't correct, then the documentation is wrong. The doc I'm looking at it is here: http://cocoon.apache.org/2.1/developing/webapps/authentication.html Any ideas? Thanks, Sonny _ Get MSN 8 and enjoy automatic e-mail virus protection. http://join.msn.com/?page=features/virus - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Help protect your PC: Get a free online virus scan at McAfee.com. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Reg exp validation with Woody?
I'm looking for a solution to generate forms for every page of a checkout process on an e-commerce site, and so I started looking at Woody. I realize it's a work in progress, but I figure if there's a sample of its use in Cocoon 2.1 (which I'm using), it might just be able to do the job. But I'm wondering if I can do field validation with it using regular expressions. I looked at this Wiki page and the one it links to on validation syntax, and I didn't see anything about it: http://wiki.cocoondev.org/Wiki.jsp?page=WoodyNotes Thanks, Sonny _ Get MSN 8 and help protect your children with advanced parental controls. http://join.msn.com/?page=features/parental - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: HTML code shown in browser, not parsed
From: Sylvain Wallez [EMAIL PROTECTED] Sonny Sukumar wrote: Hey thanks for identifying the problem and fixing it. If I don't specify a mime-type for map:read does it always default to text/html? Nope : the ResourceReader (the default one) tries to determine the mime type from the extension of the src attribute using ServletContext.getMimeType(). Oh, ok, and that ServletContext.getMimeType() method probably uses the mime-type mappings defined in web.xml, right? If no mapping is defined, say for .htm like I used? Then is no mime-type set and the receiving client (in this case a web browser) supposed to guess what type of doc it is? Thank you for the insight, Sonny Sylvain -- Sylvain Wallez Anyware Technologies http://www.apache.org/~sylvain http://www.anyware-tech.com { XML, Java, Cocoon, OpenSource }*{ Training, Consulting, Projects } Orixo, the opensource XML business alliance - http://www.orixo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Enter for your chance to IM with Bon Jovi, Seal, Bow Wow, or Mary J Blige using MSN Messenger http://entertainment.msn.com/imastar - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to Get Data from Auth Context in Action?
Ok, I found this post from a year ago where Antonio Gallardo talks about how he created a xsp-session:getxml tag to do what I asked about. But it brought up another question in my mind: if a user is logged into 1 auth handler, and the context is supposed to referenced by the authentication session attribute, how are contexts for each handler stored in the session? As importantly, how are they retrieved? From: Sonny Sukumar [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: How to Get Data from Auth Context in Action? Date: Mon, 01 Sep 2003 12:33:22 -0700 I'm also trying to do what I wrote below within an XSP where I can't use the session transformer. I tried looking through the source code for the session transfomer (SessonPreTransformer to be exact), LoggedInAction, etc, but they also seem to inherit from other classes which allow them to retrieve certain manager instances to finally fetch the sesson context. I don't know how I'd do this with an XSP. I really just want to fetch the contents on the ID tag from the authentication context after anytime after somebody logs in. Thanks, Sonny From: Sonny Sukumar [EMAIL PROTECTED] Hi all, Sometime after someone logging in, I'm trying to access the authentication context, and fetch the ID value, etc within an Action I'm writing. Is it documented anywhere how to do this? I couldn't find it. Thanks, Sonny _ Enter for your chance to IM with Bon Jovi, Seal, Bow Wow, or Mary J Blige using MSN Messenger http://entertainment.msn.com/imastar - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ MSN 8: Get 6 months for $9.95/month http://join.msn.com/?page=dept/dialup - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Enter for your chance to IM with Bon Jovi, Seal, Bow Wow, or Mary J Blige using MSN Messenger http://entertainment.msn.com/imastar - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: HTML code shown in browser, not parsed
Hey thanks for identifying the problem and fixing it. If I don't specify a mime-type for map:read does it always default to text/html? From: Sylvain Wallez [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: HTML code shown in browser, not parsed Date: Sun, 31 Aug 2003 22:39:52 +0200 Sylvain Wallez wrote: Reinhard Poetz wrote: It seems this is the same problem as the sendPage() problem described recently on both lists because AFAIK sendPage(..) calls are internal redirects. Is anybody aware of any changes (environment, ...?) that could have caused this problem? I fixed bugs in internal redirects about two weeks ago, but I don't see how this can affect the mime type. Also, sendPageAndWait() also uses an internal redirect. I will investigate further on this... Found and fixed (in the CVS). The content type was not set in the case of internal redirects, leaving it to browser decision, mainly based upon file extension. In my case, I always use .html which displays well, whereas other unknown extensions appear to be rendered as text. All should be ok now. Sylvain -Original Message- From: Sonny Sukumar [mailto:[EMAIL PROTECTED] Sent: Sunday, August 31, 2003 12:43 AM To: [EMAIL PROTECTED] Subject: HTML code shown in browser, not parsed Hi guys, I just noticed this strange behavior today.. When I do an internal redirect to a trivially simple pipeline that just does a map:read to read an HTML document, then the actual HTML code for that doc is shown in my browser. Here's an example sitemap snippet: map:match pattern=doSomething !-- Do some things -- map:redirect-to uri=cocoon:/readStaticHtmlDoc/ map:match map:match pattern=readStaticHtmlDoc map:read src=myapp/html_files/someFile.htm/ /map:match Note that invoking readStaticHtmlDoc works just fine. Can anybody explain this? I upgraded to Cocoon 2.1.1-dev yesterday, and I'm on Tomcat 4.1.17 with JDK 1.4.2_01. I think it has to be a Cocoon-related thing though, whether my fault or a bug. It's probably my fault somehow, but it's never happened before. -- Sylvain Wallez Anyware Technologies http://www.apache.org/~sylvain http://www.anyware-tech.com { XML, Java, Cocoon, OpenSource }*{ Training, Consulting, Projects } Orixo, the opensource XML business alliance - http://www.orixo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Get MSN 8 and enjoy automatic e-mail virus protection. http://join.msn.com/?page=features/virus - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
HTML code shown in browser, not parsed
Hi guys, I just noticed this strange behavior today.. When I do an internal redirect to a trivially simple pipeline that just does a map:read to read an HTML document, then the actual HTML code for that doc is shown in my browser. Here's an example sitemap snippet: map:match pattern=doSomething !-- Do some things -- map:redirect-to uri=cocoon:/readStaticHtmlDoc/ map:match map:match pattern=readStaticHtmlDoc map:read src=myapp/html_files/someFile.htm/ /map:match Note that invoking readStaticHtmlDoc works just fine. Can anybody explain this? I upgraded to Cocoon 2.1.1-dev yesterday, and I'm on Tomcat 4.1.17 with JDK 1.4.2_01. I think it has to be a Cocoon-related thing though, whether my fault or a bug. It's probably my fault somehow, but it's never happened before. Thanks, Sonny _ MSN 8: Get 6 months for $9.95/month http://join.msn.com/?page=dept/dialup - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: More Tomcat troubles...
From: Geoff Howard [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: More Tomcat troubles... Date: Thu, 28 Aug 2003 18:13:37 -0400 Sonny Sukumar wrote: From: Geoff Howard [EMAIL PROTECTED] Sonny Sukumar wrote: Well I changed the path in server.xml to from cocoon awhile ago, since I don't want the cocoon/ in my URLs. So it's not that. I can access my Cocoon installation fine in general, but somehow trying to match against this /admin/fetchSomeFile has confused Tomcat when it shouldn't have. It should be passing control to Cocoon for Cocoon to match against admin/fetchSomeFile, but it's not. Make sense? Doesn't the default tomcat install have a webapp already mounted at admin either disable it, or rename your match to use myadmin or something. Wow, thanks Geoff! That worked, but why isn't a /admin Context defined in server.xml? Is there an admin.xml file in the webapps dir? This is a new alternative to editing server.xml and I like it but it can be confusing if you don't know where to look. Ahh, that there is, and it has the Context defined in it. Btw, do you think it is good to have the Tomcat admin interface running on a production site? I've never used it, so I'm not sure what it allows one to really do or if it presents a serious security risk. Geoff I'm trying to access http://my.server/admin/fetchSomeFile but Tomcat keeps me a HTTP Status 404 error saying The requested resource (/admin/fetchSomeFile) is not available I don't have any /admin context defined (and I commented out that /live context I've been trying to make work), so I just have the default context which Tomcat should choose. Then I have this Cocoon matcher: map:match pattern=admin/* map:read src=myapp/{1}.htm/ /map:match But the important thing is that Tomcat isn't invoking Cocoon. It seems like Contexts (in server.xml) were created to handle doing these kinds of things, yet I can't seem to make them work for any purpose. Could it have something to do with sevlet mappings in web.xml? The default URL pattern that comes with cocoon matches /, but would that cover this case? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Get MSN 8 and help protect your children with advanced parental controls. http://join.msn.com/?page=features/parental - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ MSN 8: Get 6 months for $9.95/month http://join.msn.com/?page=dept/dialup - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Cocoon 2: Authentication Framework: Session handling
Hi Alpana, Look here first: http://cocoon.apache.org/2.1/developing/webapps/authentication.html Some of the info on that page is outdated, which has been driving me crazy trying to figure out some errors. Couple of things to remember: --Use the request-param input module, not request, as in {request-param:userName}, etc. --The session:getxml .../ is inserted into XML docs you generate to be transformed by the Session transformer later in your pipeline. Also, use this URI for it in your XML doc: xmlns:session=http://apache.org/cocoon/session/1.0; --When specifying the path attribute in the session:getxml tag don't do /authentication/data/..., but do /data/... --If you get a NullPointerException when you try to submit your login page (like on line 290 of class PipelineAuthenticator, which is called by LoginAction), this indicates that something went wrong generating the XML from the auth resource. The NPE shouldn't get thrown, and Carsten was kind enough to submit a patch for this (presumably to throw a ProcessingException? not sure) 2 days ago, which should be in the latest CVS release. Also, definitely take a look at the auth sample in cocoon/samples/authenticaton-fw. The sitemap code in that directory will help. HTH, Sonny From: alpana [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Cocoon 2: Authentication Framework: Session handling Date: Thu, 28 Aug 2003 19:38:06 -0400 I am actively learning cocoon, and have been looking at the User guides and documents. because I am a newbie I am getting confused with the authentication, session contexts and handlers can somebody provide me a good site map example which 1. displays login page, 2. performs login validation, (using a Java Action class {custom built retrieves the parameters from the request attribute and performs validation) 3. creates a session when user is authenticated {done in sitemap} 4. displays a protected document 5. if invalid login id, password , displays an error page. and if I close the browser and try to access any protected pages , it should display the login page. I know this is very simple for users who have already done these.. but it will help me a long way in understanding cocoon. any link will also do, I have gone thru the apache.org. . but I need a complete example thanks in advance _ Help protect your PC: Get a free online virus scan at McAfee.com. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Is this an endorsed lib problem?
From: Michael Kurz [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: Is this an endorsed lib problem? Date: Fri, 29 Aug 2003 11:26:01 +0200 Sonny Sukumar wrote: From: Michael Kurz [EMAIL PROTECTED] Sonny Sukumar wrote: I know I know, an endorsed lib problem you say, since I *am* running JDK 1.4. I read http://wiki.cocoondev.org/Wiki.jsp?page=EndorsedLibsProblem and copied over these 3 jars into $CATALINA_HOME/common/endorsed: 1.) xalan-2.5.1.jar 2.) xercesImpl-2.4.0.jar 3.) xml-apis.jar Are these files the original files that came with your cocoon-version or newer ones? If you use newer versions, try to switch back. They are the originals. -- Michael _ Help protect your PC: Get a free online virus scan at McAfee.com. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Is this an endorsed lib problem?
From: Jon Bedworth [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: Is this an endorsed lib problem? Date: Fri, 29 Aug 2003 14:10:28 + Sonny Sukumar wrote: I now have those 3 jars in 4 different places: 1.) $CATALINA_HOME/common/endorsed 2.) $CATALINA_HOME/common/lib 3.) $CATALINA_HOME/webapps/cocoon/WEB-INF/lib 4.) $JAVA_HOME/jre/lib/endorsed I would suggest removing all jars except those in $CATALINA_HOME/common/endorsed. The problem may have arisen because you did not delete the ones in $CATALINA_HOME/webapps/cocoon/WEB-INF/lib. With a single set of jars in $CATALINA_HOME/common/endorsed I now have Cocoon 2.1 running in Tomcat 4.1, JDK 1.4.2, Win2K. Thanks for the tip, John. Everything I read said copy and not move, so I did just that. Anyhow, I upgraded to Tomcat 4.1.27 and Cocoon works (so far at least) without copying or moving anything. I'm not sure why that is. Do you guys think some strange problems might arise down the road if I don't move it? If figure it works, then I shouldn't mess with it. :-) Hope this helps Jon _ Get MSN 8 and enjoy automatic e-mail virus protection. http://join.msn.com/?page=features/virus - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How To Run 2 Cocoons Simultaneously?
Hmm, apparently I can read static html files under the /live context (using a simple Cocoon reader) but if I try to access *any* URI which involves database access I get: javax.servlet.ServletException: Servlet execution threw an exception at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:260) with root cause: java.lang.OutOfMemoryError Does that give you any idea how to fix the problem? From: Bertrand Delacretaz [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: How To Run 2 Cocoons Simultaneously? Date: Thu, 28 Aug 2003 08:31:10 +0200 Le Jeudi, 28 aoû 2003, à 00:37 Europe/Zurich, Sonny Sukumar a écrit : ...Nevertheless, I tried commenting out the hsqldb-server section in cocoon.xconf for both Cocoon instances. I still get a blank server response (if that's even a response) for the instance with path /live. The instance with default path () still works There should be an error message somewhere, check the Cocoon and tomcat logs. -Bertrand - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Get MSN 8 and enjoy automatic e-mail virus protection. http://join.msn.com/?page=features/virus - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: More Tomcat troubles...
Well I changed the path in server.xml to from cocoon awhile ago, since I don't want the cocoon/ in my URLs. So it's not that. I can access my Cocoon installation fine in general, but somehow trying to match against this /admin/fetchSomeFile has confused Tomcat when it shouldn't have. It should be passing control to Cocoon for Cocoon to match against admin/fetchSomeFile, but it's not. Make sense? From: Tim Olson [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: '[EMAIL PROTECTED]' [EMAIL PROTECTED] Subject: RE: More Tomcat troubles... Date: Thu, 28 Aug 2003 11:02:46 -0400 if cocoon is deployed as cocoon.war/ then the correct url would be http://my.server/cocoon/admin/fetchSomeFile -Original Message- From: Sonny Sukumar [mailto:[EMAIL PROTECTED] Sent: Thursday, August 28, 2003 3:55 AM To: [EMAIL PROTECTED] Subject: More Tomcat troubles... I'm trying to access http://my.server/admin/fetchSomeFile but Tomcat keeps me a HTTP Status 404 error saying The requested resource (/admin/fetchSomeFile) is not available I don't have any /admin context defined (and I commented out that /live context I've been trying to make work), so I just have the default context which Tomcat should choose. Then I have this Cocoon matcher: map:match pattern=admin/* map:read src=myapp/{1}.htm/ /map:match But the important thing is that Tomcat isn't invoking Cocoon. It seems like Contexts (in server.xml) were created to handle doing these kinds of things, yet I can't seem to make them work for any purpose. Could it have something to do with sevlet mappings in web.xml? The default URL pattern that comes with cocoon matches /, but would that cover this case? _ Get MSN 8 and enjoy automatic e-mail virus protection. http://join.msn.com/?page=features/virus - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Get MSN 8 and help protect your children with advanced parental controls. http://join.msn.com/?page=features/parental - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How To Run 2 Cocoons Simultaneously?
I don't think it really has anything to do with my not having sufficient system memory, as this error only comes when I try to access a URI that does even extremely simple database access AND only when using the live/ context I newly defined in Tomcat's server.xml. My normal Cocoon installation can do far more intensive db processing without ever getting a java.lang.OutOfMemoryError. There must be a deeper problem. From: e nio [EMAIL PROTECTED] In the bottom of your stack trace, OutOfMemoryError -- you need to specify more memory for your JVM perhaps, which can be specified as an option to Tomcat. I have been experiencing this outofmemoryerror lately, I stopped the jvm (ie tomcat) and restarted and so far has recovered. Don't know if in the long run you can continually recover. e nio --- Sonny Sukumar [EMAIL PROTECTED] wrote: Hmm, apparently I can read static html files under the /live context (using a simple Cocoon reader) but if I try to access *any* URI which involves database access I get: javax.servlet.ServletException: Servlet execution threw an exception at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:260) with root cause: java.lang.OutOfMemoryError Does that give you any idea how to fix the problem? From: Bertrand Delacretaz [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: How To Run 2 Cocoons Simultaneously? Date: Thu, 28 Aug 2003 08:31:10 +0200 Le Jeudi, 28 aoû 2003, à 00:37 Europe/Zurich, Sonny Sukumar a écrit : ...Nevertheless, I tried commenting out the hsqldb-server section in cocoon.xconf for both Cocoon instances. I still get a blank server response (if that's even a response) for the instance with path /live. The instance with default path () still works There should be an error message somewhere, check the Cocoon and tomcat logs. -Bertrand - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Get MSN 8 and enjoy automatic e-mail virus protection. http://join.msn.com/?page=features/virus - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Get MSN 8 and enjoy automatic e-mail virus protection. http://join.msn.com/?page=features/virus - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Is this an endorsed lib problem?
I tried upgrading my Tomcat from 4.1.12 to 4.1.24 but next to nothing happens, my browser indicates it's forever loading, and yet I hit view source and see this blank doc: !DOCTYPE html PUBLIC -//W3C//DTD HTML 4.01 Transitional//ENhtmlheadtitle/title/headbody/body/html I know I know, an endorsed lib problem you say, since I *am* running JDK 1.4. I read http://wiki.cocoondev.org/Wiki.jsp?page=EndorsedLibsProblem and copied over these 3 jars into $CATALINA_HOME/common/endorsed: 1.) xalan-2.5.1.jar 2.) xercesImpl-2.4.0.jar 3.) xml-apis.jar I also left these jars intact in $CATALINA_HOME/webapps/cocoon/WEB-INF/lib. I also copied over my old server.xml file (I'm assuming the format didn't change between 4.1.12 and 4.1.24), restarted, but still can't get a server response. What might be the problem? _ Get MSN 8 and help protect your children with advanced parental controls. http://join.msn.com/?page=features/parental - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: More Tomcat troubles...
From: Geoff Howard [EMAIL PROTECTED] Sonny Sukumar wrote: Well I changed the path in server.xml to from cocoon awhile ago, since I don't want the cocoon/ in my URLs. So it's not that. I can access my Cocoon installation fine in general, but somehow trying to match against this /admin/fetchSomeFile has confused Tomcat when it shouldn't have. It should be passing control to Cocoon for Cocoon to match against admin/fetchSomeFile, but it's not. Make sense? Doesn't the default tomcat install have a webapp already mounted at admin either disable it, or rename your match to use myadmin or something. Wow, thanks Geoff! That worked, but why isn't a /admin Context defined in server.xml? Geoff From: Tim Olson [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: '[EMAIL PROTECTED]' [EMAIL PROTECTED] Subject: RE: More Tomcat troubles... Date: Thu, 28 Aug 2003 11:02:46 -0400 if cocoon is deployed as cocoon.war/ then the correct url would be http://my.server/cocoon/admin/fetchSomeFile -Original Message- From: Sonny Sukumar [mailto:[EMAIL PROTECTED] Sent: Thursday, August 28, 2003 3:55 AM To: [EMAIL PROTECTED] Subject: More Tomcat troubles... I'm trying to access http://my.server/admin/fetchSomeFile but Tomcat keeps me a HTTP Status 404 error saying The requested resource (/admin/fetchSomeFile) is not available I don't have any /admin context defined (and I commented out that /live context I've been trying to make work), so I just have the default context which Tomcat should choose. Then I have this Cocoon matcher: map:match pattern=admin/* map:read src=myapp/{1}.htm/ /map:match But the important thing is that Tomcat isn't invoking Cocoon. It seems like Contexts (in server.xml) were created to handle doing these kinds of things, yet I can't seem to make them work for any purpose. Could it have something to do with sevlet mappings in web.xml? The default URL pattern that comes with cocoon matches /, but would that cover this case? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Get MSN 8 and help protect your children with advanced parental controls. http://join.msn.com/?page=features/parental - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: More Tomcat troubles...
Uhhh, I don't know why the below message got delivered again. That's strange. Anyhow, please ignore it. From: Sonny Sukumar [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: RE: More Tomcat troubles... Date: Thu, 28 Aug 2003 11:09:02 -0700 Well I changed the path in server.xml to from cocoon awhile ago, since I don't want the cocoon/ in my URLs. So it's not that. I can access my Cocoon installation fine in general, but somehow trying to match against this /admin/fetchSomeFile has confused Tomcat when it shouldn't have. It should be passing control to Cocoon for Cocoon to match against admin/fetchSomeFile, but it's not. Make sense? From: Tim Olson [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: '[EMAIL PROTECTED]' [EMAIL PROTECTED] Subject: RE: More Tomcat troubles... Date: Thu, 28 Aug 2003 11:02:46 -0400 if cocoon is deployed as cocoon.war/ then the correct url would be http://my.server/cocoon/admin/fetchSomeFile -Original Message- From: Sonny Sukumar [mailto:[EMAIL PROTECTED] Sent: Thursday, August 28, 2003 3:55 AM To: [EMAIL PROTECTED] Subject: More Tomcat troubles... I'm trying to access http://my.server/admin/fetchSomeFile but Tomcat keeps me a HTTP Status 404 error saying The requested resource (/admin/fetchSomeFile) is not available I don't have any /admin context defined (and I commented out that /live context I've been trying to make work), so I just have the default context which Tomcat should choose. Then I have this Cocoon matcher: map:match pattern=admin/* map:read src=myapp/{1}.htm/ /map:match But the important thing is that Tomcat isn't invoking Cocoon. It seems like Contexts (in server.xml) were created to handle doing these kinds of things, yet I can't seem to make them work for any purpose. Could it have something to do with sevlet mappings in web.xml? The default URL pattern that comes with cocoon matches /, but would that cover this case? _ Get MSN 8 and enjoy automatic e-mail virus protection. http://join.msn.com/?page=features/virus - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Get MSN 8 and help protect your children with advanced parental controls. http://join.msn.com/?page=features/parental - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Get MSN 8 and help protect your children with advanced parental controls. http://join.msn.com/?page=features/parental - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: URLs being encoded WITH cookies enabled
Hi all, Joerg made a good point the other day (below) about always using URL rewriting rather than cookies, for security reasons. I've decided that we should do the same, since ours will be an e-commerce site and if somebody is using a public computer (like at a university) then closing the browser shouldn't leave that person logged in (and hence leave their personal account details vulnerable, even if somebody else can't place an order without entering a credit card). I was also wrong in saying that the URLs were being encoded whether or not cookies are enabled--they're actually not, as I've verified today. With all that said, how can I tell Tomcat to always encode the URLs? It says this in the API documentation for method encodeURL() in the interface HttpServletResponse: Encodes the specified URL by including the session ID in it, or, if encoding is not needed, returns the URL unchanged. The implementation of this method includes the logic to determine whether the session ID needs to be encoded in the URL. For example, if the browser supports cookies, or session tracking is turned off, URL encoding is unnecessary. This doc is here: http://java.sun.com/j2ee/sdk_1.2.1/techdocs/api/javax/servlet/http/HttpServletResponse.html#encodeURL(java.lang.String) Not a Tomcat-specific doc, but the behavior matches what I'm seeing. Sonny From: Joerg Heinicke [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: URLs being encoded WITH cookies enabled Date: Tue, 26 Aug 2003 10:16:21 +0200 Sonny Sukumar wrote: Anyhow, 2 other reasons I'd prefer URL/link rewriting not to occur when cookies are enabled: 1.) It takes up precious time to parse a document and rewrite links. IMO this can be ignored. The second reason is much more important. We do the link rewriting ourself in a XSLT stylesheet when generating the page. This is especially useful if you need rewritten JavaScript links. 2.) If someone closes the browser, the session is gone, whereas a cookie still remains even after closing the browser and can be used to re-establish the same session, provided the session is still valid on the server. This is true and maybe important for you or your user's comfort. As we develope mostly applications related to banking or payment the security issues are more important for us. If anybody leaves his PC for 5 minutes for smoking or coffee nobody else shall simply open the browser and order something with the other one's identity. So we abstain from cookies completely. Joerg - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ MSN 8: Get 6 months for $9.95/month. http://join.msn.com/?page=dept/dialup - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Is this an endorsed lib problem?
From: Michael Kurz [EMAIL PROTECTED] Sonny Sukumar wrote: I know I know, an endorsed lib problem you say, since I *am* running JDK 1.4. I read http://wiki.cocoondev.org/Wiki.jsp?page=EndorsedLibsProblem and copied over these 3 jars into $CATALINA_HOME/common/endorsed: 1.) xalan-2.5.1.jar 2.) xercesImpl-2.4.0.jar 3.) xml-apis.jar I also left these jars intact in $CATALINA_HOME/webapps/cocoon/WEB-INF/lib. Try to copy these three files to $CATALINA_HOME/common/lib (and if this won't work maybe also to $JAVA_HOME/jre/lib/endorsed), too. For me it worked. -- Michael Hi Michael, I tried your suggestions, but I still can't get it to work. Here's what I did... After copying the 3 jars to common/lib, I got immediate responses BUT they were *completely* empty (not even that blank HTML doc I was getting before). There was no endorsed folder under $JAVA_HOME/jre/lib, so I created one and copied the JARs there, restarted Tomcat, and...server responses started taking a really long time again ( 60 seconds) I even tried restarting my computer a few times in between trying your suggestions, but no luck. I now have those 3 jars in 4 different places: 1.) $CATALINA_HOME/common/endorsed 2.) $CATALINA_HOME/common/lib 3.) $CATALINA_HOME/webapps/cocoon/WEB-INF/lib 4.) $JAVA_HOME/jre/lib/endorsed Sonny _ MSN 8: Get 6 months for $9.95/month. http://join.msn.com/?page=dept/dialup - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How To Run 2 Cocoons Simultaneously?
From: Michael Wechner [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: How To Run 2 Cocoons Simultaneously? Date: Wed, 27 Aug 2003 08:33:26 +0200 Sonny Sukumar wrote: Hi guys, I'm trying to run a 2nd cocoon webapp on the same Tomcat instance, so that one can be for testing (and using a test backend db) and another for using what will be a live backend db. However, something isn't working right (rather, I'm getting something wrong). To make things simple, I just: 1.) copied my entire cocoon directory to a directory called cocoon_live in $CATALINA_HOME/webapps 2.) edited $CATALINA_HOME/conf/server.xml and added a 2nd Context element right below the first, this one with path=/live and docBase=cocoon_live. The first Context has path= and docBase=cocoon 4.) Shutdown and restarted Tomcat, and tried to connect to http://my.server/live/html_files/some_sample_file.htm, but all I get is a completely blank response. My app *is* database driven and uses Tomcat's DBCP, but I'm not able even to read a simple html file.The html files were copied along with the cocoon directory, so all the paths should be correct. It doesn't look like the Cocoon app under the /live virtual path is even being invoked. My original Cocoon (the one I'm using for testing) still works though. Any ideas? Have you reconfigured the port of HSQL (9002) of one of the Cocoon instances, else you will have two HSQLDBs trying to run on the same port HSQL? I'm running MySQL databases on the backend, but I think I'm misunderstanding what you're saying. Does Cocoon use HSQL internally or something? HTH Michael I need to be able to run testing/live apps simultaneously from now on, so I'd appreciate your advice. Thanks as always, Sonny P.S. I'm running Cocoon 2.1 on Tomcat 4.1.12 _ Get MSN 8 and enjoy automatic e-mail virus protection. http://join.msn.com/?page=features/virus - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ MSN 8: Get 6 months for $9.95/month. http://join.msn.com/?page=dept/dialup - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How To Run 2 Cocoons Simultaneously?
From: Michael Kurz [EMAIL PROTECTED] - Original Message - Sonny Sukumar [EMAIL PROTECTED] My app *is* database driven and uses Tomcat's DBCP, but I'm not able even to read a simple html file.The html files were copied along with the cocoon directory, so all the paths should be correct. It doesn't look like the Cocoon app under the /live virtual path is even being invoked. My original Cocoon (the one I'm using for testing) still works though. I've recently had a similiar problem with a sub-sitemap. I moved it from one tomcat installation to another (on a different computer but the completely same installation) and nothing worked. After deleting the corresponding parts in the tomcat-work directory everything worked again. I tried deleting the work directories in Tomcat and restarting, but the same problem exists. It's not even a Cocoon problem (not yet at least), because Cocoon isn't even being invoked. When I tried to access the /live Context I defined (under the same Host as the default Context path), Tomcat just spins its wheels for awhile and then returns a completely empty response. I mean, I do View Source and there's nothing there. Perhaps I should join the Tomcat Users list or something and ask there? -- Michael _ Get MSN 8 and enjoy automatic e-mail virus protection. http://join.msn.com/?page=features/virus - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How To Run 2 Cocoons Simultaneously?
From: Geoff Howard [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: How To Run 2 Cocoons Simultaneously? Date: Wed, 27 Aug 2003 18:13:37 -0400 Sonny Sukumar wrote: From: Michael Kurz [EMAIL PROTECTED] - Original Message - Sonny Sukumar [EMAIL PROTECTED] My app *is* database driven and uses Tomcat's DBCP, but I'm not able even to read a simple html file.The html files were copied along with the cocoon directory, so all the paths should be correct. It doesn't look like the Cocoon app under the /live virtual path is even being invoked. My original Cocoon (the one I'm using for testing) still works though. I've recently had a similiar problem with a sub-sitemap. I moved it from one tomcat installation to another (on a different computer but the completely same installation) and nothing worked. After deleting the corresponding parts in the tomcat-work directory everything worked again. I tried deleting the work directories in Tomcat and restarting, but the same problem exists. It's not even a Cocoon problem (not yet at least), because Cocoon isn't even being invoked. When I tried to access the /live Context I defined (under the same Host as the default Context path), Tomcat just spins its wheels for awhile and then returns a completely empty response. I mean, I do View Source and there's nothing there. Perhaps I should join the Tomcat Users list or something and ask there? Did you try fixing the hsql block issue yet? See Bertrand's email from about 12 hours ago. Bertrand said If that's the problem, you should see an exception saying port is already in use or something in the tomcat or Cocoon logs when the second instance of Cocoon starts. Nevertheless, I tried commenting out the hsqldb-server section in cocoon.xconf for both Cocoon instances. I still get a blank server response (if that's even a response) for the instance with path /live. The instance with default path () still works. I also have a separate question: How does the datasources section in cocoon.xconf differ from using DBCP where I set it up in web.xml/server.xml? I see some connection pooling defined within that datasources tag. I'm not very good with J2EE config files yet (like web.xml/server.xml), hence my confusion. :-/ Thanks, Sonny Geoff - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ MSN 8: Get 6 months for $9.95/month. http://join.msn.com/?page=dept/dialup - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: URLs being encoded WITH cookies enabled
From: Joerg Heinicke [EMAIL PROTECTED] Sonny Sukumar wrote: Anyhow, 2 other reasons I'd prefer URL/link rewriting not to occur when cookies are enabled: 1.) It takes up precious time to parse a document and rewrite links. IMO this can be ignored. The second reason is much more important. Ignore performance? I don't think you meant that per se, but I get what you're saying in light of the good point you made below. We do the link rewriting ourself in a XSLT stylesheet when generating the page. This is especially useful if you need rewritten JavaScript links. Does the include/exclude params offered by the EncodeURLTransformer make it to hard to encode JS links? I haven't done too much with JS myself, so I was just wondering. 2.) If someone closes the browser, the session is gone, whereas a cookie still remains even after closing the browser and can be used to re-establish the same session, provided the session is still valid on the server. This is true and maybe important for you or your user's comfort. As we develope mostly applications related to banking or payment the security issues are more important for us. If anybody leaves his PC for 5 minutes for smoking or coffee nobody else shall simply open the browser and order something with the other one's identity. So we abstain from cookies completely. Ok, I get why you prefer rewriting now. :-) It is a very good point actually, and while I'm working on B2C e-commerce and not for a major financial institution, I think I would do well to keep that in mind. It seems like some of the major ecomm sites (like bn.com, amazon) use link rewriting whereas some others (like vicoriassecret.com) don't. I just gleaned this info from a cursory glance at these sites. Sonny Joerg - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Get MSN 8 and enjoy automatic e-mail virus protection. http://join.msn.com/?page=features/virus - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: URLs being encoded WITH cookies enabled
Hi guys, I sent the below message a few days ago but didn't hear from anyone. I'm not sure why the links are being rewritten, and I've verified that it happens with IE as well (again, with cookies enabled). I'm using the EncodeURLTransformer in all of my pipelines just before serializing the output, but from what I read I thought it is only supposed to encode URLs if cookies are disabled in the browser. I've confirmed that cookies are enabled for my browser (Mozilla Firebird v0.6), but the URLs keep getting rewritten with a jsessionid parameter. What could be wrong? _ Enter for your chance to IM with Bon Jovi, Seal, Bow Wow, or Mary J Blige using MSN Messenger http://entertainment.msn.com/imastar - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ MSN 8: Get 6 months for $9.95/month. http://join.msn.com/?page=dept/dialup - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Cocoon 2.1 Auth Bug??? [was 1 more auth question..]
I'm using Cocoon version 2.1, and I downloaded it the day after it was officially released a week or two ago. I don't think it can be anything but a bug in Cocoon itself, which is very troubling to me since I need this to work. To reiterate what I think is the bug, the auth-login action doesn't seem to work--it just always redirects to the redirect-to document defined in the auth handler. I really would like to know if *anybody* out there is successfully using the authentication framework in Cocoon 2.1. Can anybody in the developer community help me out? Should I join that list and post on there?? Thanks, Sonny Sonny I have looked through all of this and I cannot see anything wrong. I agree with your comment about the redirect only happening within an auth-prodect. The only thing you are doing differently to me is that you are using map:read and I use redirects on success and a full generate-transform-serialize process on failure. Which version of Cocoon are you using? Maybe there is a bug in the version you are using??? Andrew Sonny Sukumar wrote: Hi Andrew, My point was that the login page should never get involved, since no redirect should occur to it using auth-login. Neverthless, I must be missing something, so here's my authentication sitemap code in its entirety, including the handler configuration. Take a look and let me know if you see something amiss. map:component-configurations ... authentication-manager handlers !-- Authenticates site administrators. -- handler name=adminAuthHandler redirect-to uri=cocoon:/getAdminLoginPage/ authentication uri=cocoon:/raw:/authenticateAdmin/ /handler /handlers /authentication-manager ... /map:component-configurations ... !-- Generate and display the login page.-- map:match pattern=getAdminLoginPage map:generate src=myapp/xml/adminLogin.xsp type=serverpages/ map:transform type=session/ map:serialize type=xml/ /map:match !-- Try to log in the admin. -- map:match pattern=adminLogin map:act type=auth-login map:parameter name=handler value=adminAuthHandler/ map:parameter name=parameter_userName value={request-param:userName}/ map:parameter name=parameter_password value={request-param:password}/ map:read src=myapp/html_test/authSucceeded.html/ /map:act !-- Authentication failed -- map:read src=myapp/html_test/authFailed.html/ /map:match !-- My auth resource, as defined in the handler. -- map:match pattern=authenticateAdmin map:generate src=myapp/xml/authenticateAdmin.xsp type=serverpages/ map:serialize type=xml/ /map:match map:match pattern=adminLogout map:act type=auth-logout map:parameter name=handler value=adminAuthHandler/ !--+ | ::UNRESOLVED ISSUE:: SS 08/19/03 | | Admin logout succeeded, so tell admin in some way, perhaps | a static page. +-- /map:act !--+ | ::UNRESOLVED ISSUE:: SS 08/19/03 | | Admin logout failed. Is that even possible? What to do here? +-- /map:match From: Andrew Timberlake [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: 1 more auth question.. Date: Sun, 24 Aug 2003 12:58:22 +0200 Sonny I've had a look and I'm not sure why this is happenning. There are bits of the sitemap missing which are still part of the auth process such as your login page itself. Maybe the problem lies there somewhere??? Sorry I can't help further. Andrew Sonny Sukumar wrote: Update: I was mistake before when I said that if the login suceeds, the correct html file is shown. It's not. Rather, in both cases I'm redirected to the pipeline defined in the authentication handler. To reiterate, this confuses me because I thought no such redirect should ever occur with auth-login, but rather only with auth-protect. Again, take a look at the sitemap snippet from my original post (below here). Any insights would be great, Sonny From: Sonny Sukumar [EMAIL PROTECTED] Hi Andrew, Thanks for that tip. But there seems to be something else going on as well If the login succeeds, the correct static html file is shown (see the the sitemap snippet I gave before--below), but if it fails then I end up being redirected to the redirect-to page defined for the auth handler. I thought that if the auth-login fails, then it would just read whatever comes after the action (another static html file, for testing at least). To add to the strangeness, the redirected to page (a login page I generate) shows the originally requested URI (I embed the originally requested URI in the generated login page) as getting the userName and password each **twice**. Here's
Re: Cocoon 2.1 Auth Bug??? [was 1 more auth question..]
Hmm, that article doesn't mention anything about auth-login or auth-protect, which is what I'm using. auth-login seems to be the source of the buggy behavior for me. I'm using Cocoon 2.1 on Tomcat 4.1.12 with JDK 1.4.1_01. From: e nio [EMAIL PROTECTED] Have you tried this excellent sample from Lajoz? http://www.javaworld.com/javaworld/jw-09-2002/jw-0920-cocoon_p.html This work for me on 2.1m2 and the newest 2.1 release. enio --- Sonny Sukumar [EMAIL PROTECTED] wrote: I'm using Cocoon version 2.1, and I downloaded it the day after it was officially released a week or two ago. I don't think it can be anything but a bug in Cocoon itself, which is very troubling to me since I need this to work. To reiterate what I think is the bug, the auth-login action doesn't seem to work--it just always redirects to the redirect-to document defined in the auth handler. I really would like to know if *anybody* out there is successfully using the authentication framework in Cocoon 2.1. Can anybody in the developer community help me out? Should I join that list and post on there?? Thanks, Sonny Sonny I have looked through all of this and I cannot see anything wrong. I agree with your comment about the redirect only happening within an auth-prodect. The only thing you are doing differently to me is that you are using map:read and I use redirects on success and a full generate-transform-serialize process on failure. Which version of Cocoon are you using? Maybe there is a bug in the version you are using??? Andrew Sonny Sukumar wrote: Hi Andrew, My point was that the login page should never get involved, since no redirect should occur to it using auth-login. Neverthless, I must be missing something, so here's my authentication sitemap code in its entirety, including the handler configuration. Take a look and let me know if you see something amiss. map:component-configurations ... authentication-manager handlers !-- Authenticates site administrators. -- handler name=adminAuthHandler redirect-to uri=cocoon:/getAdminLoginPage/ authentication uri=cocoon:/raw:/authenticateAdmin/ /handler /handlers /authentication-manager ... /map:component-configurations ... !-- Generate and display the login page.-- map:match pattern=getAdminLoginPage map:generate src=myapp/xml/adminLogin.xsp type=serverpages/ map:transform type=session/ map:serialize type=xml/ /map:match !-- Try to log in the admin. -- map:match pattern=adminLogin map:act type=auth-login map:parameter name=handler value=adminAuthHandler/ map:parameter name=parameter_userName value={request-param:userName}/ map:parameter name=parameter_password value={request-param:password}/ map:read src=myapp/html_test/authSucceeded.html/ /map:act !-- Authentication failed -- map:read src=myapp/html_test/authFailed.html/ /map:match !-- My auth resource, as defined in the handler. -- map:match pattern=authenticateAdmin map:generate src=myapp/xml/authenticateAdmin.xsp type=serverpages/ map:serialize type=xml/ /map:match map:match pattern=adminLogout map:act type=auth-logout map:parameter name=handler value=adminAuthHandler/ !--+ | ::UNRESOLVED ISSUE:: SS 08/19/03 | | Admin logout succeeded, so tell admin in some way, perhaps | a static page. +-- /map:act !--+ | ::UNRESOLVED ISSUE:: SS 08/19/03 | | Admin logout failed. Is that even possible? What to do here? +-- /map:match From: Andrew Timberlake [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: 1 more auth question.. Date: Sun, 24 Aug 2003 12:58:22 +0200 Sonny I've had a look and I'm not sure why this is happenning. There are bits of the sitemap missing which are still part of the auth process such as your login page itself. Maybe the problem lies there somewhere??? Sorry I can't help further. Andrew Sonny Sukumar wrote: Update: I was mistake before when I said that if the login suceeds, the correct html file is shown. It's not. Rather, in both cases I'm redirected to the pipeline defined in the authentication handler. To reiterate, this confuses me because I thought no such redirect should ever occur with auth-login, but rather only with auth-protect. Again, take a look at the sitemap snippet from my original post (below here). Any insights would be great, Sonny From
Re: URLs being encoded WITH cookies enabled
Good question, Joerg. I was told by 1 or 2 other people on this list that the EncodeURLTransformer won't rewrite the links with the session ID if cookies are enabled. Thus, they said, I could use map:transform type=encodeURL/ at the end of all of my pipelines with impunity. It will work when it needs to work, and do nothing when cookies are enabled. So I tried it, and now I notice links are being rewritten even with cookies enabled, both for Mozilla Firebird and for IE (IE is the most important for us by far). Anyhow, 2 other reasons I'd prefer URL/link rewriting not to occur when cookies are enabled: 1.) It takes up precious time to parse a document and rewrite links. 2.) If someone closes the browser, the session is gone, whereas a cookie still remains even after closing the browser and can be used to re-establish the same session, provided the session is still valid on the server. I might easily have some misunderstandings here, which is why I've tried to explain my current understanding. Please point out any points on which I have erred. Sonny From: Joerg Heinicke [EMAIL PROTECTED] I wonder why you don't abstain from cookies completely? If you use URL encoding for some users why not for all? We disregard cookies in our company completely because can potentially have switched them off. Joerg Sonny Sukumar wrote: Hi guys, I sent the below message a few days ago but didn't hear from anyone. I'm not sure why the links are being rewritten, and I've verified that it happens with IE as well (again, with cookies enabled). I'm using the EncodeURLTransformer in all of my pipelines just before serializing the output, but from what I read I thought it is only supposed to encode URLs if cookies are disabled in the browser. I've confirmed that cookies are enabled for my browser (Mozilla Firebird v0.6), but the URLs keep getting rewritten with a jsessionid parameter. What could be wrong? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ MSN 8: Get 6 months for $9.95/month http://join.msn.com/?page=dept/dialup - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to force XSP recompilation?
The constant is in a Java class in a JAR file. Deleting all _xsp.java and _xsp.class files will work, although I was hoping for a more elegant solution. That way many XSPs which don't use the constant at all will also have to be regenerated. In my case I happened to know which XSP was using it for sure and did a touch on the linux command line so that Cocoon would recognize the file changed (just because the file date/time stamp was updated) and regenerate just that XSP. Oh well, Sonny From: Roger I Martin PhD [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED],[EMAIL PROTECTED] Subject: Re: How to force XSP recompilation? Date: Sat, 23 Aug 2003 21:13:14 -0400 See mixed comments below... - Original Message - From: Sonny Sukumar [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Saturday, August 23, 2003 4:29 PM Subject: How to force XSP recompilation? My problem is this: A snippet of Java code in my XSP references a constant of one of my backend Java classes (in a JAR file in WEB-INF/lib). However, I changed that constant value, recompiled and remade the JAR, restarted Tomcat, etc, but my XSP didn't get recompiled simply because I didn't edit the XSP file after that. But since any file depending on a constant in another class needs to be recompiled if that constant value changes, I was for awhile wondering why the XSP output wasn't changing. Does anybody know how to get Cocoon to handle this without having to remember everywhere (in what XSPs) that constant is referenced? The constant is changed only by you as the webapp admin? And then restarted to serve for your users? If it is under your control you can delete the files under %TOMCAT_HOME%/work/Catalina/localhost/%YOUR_WEBAPP%. maybe just all *_xsp.java and *_xsp.class files. When you restart tomcat and go to these pages you should see it take a little time to recompile and then be live. Thanks, Sonny _ Get MSN 8 and enjoy automatic e-mail virus protection. http://join.msn.com/?page=features/virus - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Get MSN 8 and enjoy automatic e-mail virus protection. http://join.msn.com/?page=features/virus - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: 1 more auth question..
Update: I was mistake before when I said that if the login suceeds, the correct html file is shown. It's not. Rather, in both cases I'm redirected to the pipeline defined in the authentication handler. To reiterate, this confuses me because I thought no such redirect should ever occur with auth-login, but rather only with auth-protect. Again, take a look at the sitemap snippet from my original post (below here). Any insights would be great, Sonny From: Sonny Sukumar [EMAIL PROTECTED] Hi Andrew, Thanks for that tip. But there seems to be something else going on as well If the login succeeds, the correct static html file is shown (see the the sitemap snippet I gave before--below), but if it fails then I end up being redirected to the redirect-to page defined for the auth handler. I thought that if the auth-login fails, then it would just read whatever comes after the action (another static html file, for testing at least). To add to the strangeness, the redirected to page (a login page I generate) shows the originally requested URI (I embed the originally requested URI in the generated login page) as getting the userName and password each **twice**. Here's what it says is the originally requested URI: /adminLogin?password=test_pwduserName=test_useruserName=test_userpassword=test_pwd The Cocoon documentation doesn't say anything to explain this behavior, but then again it wasn't very clear about the other things either. Do you have any ideas on this? Thanks again, Sonny From: Andrew Timberlake [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: 1 more auth question.. Date: Sat, 23 Aug 2003 15:34:57 +0200 Sonny Look at this snippet: map:parameter name=parameter_userName value={request-param:userName}/ map:parameter name=parameter_password value={request-param:password}/ Here you are passing two parameters to the auth action named parameter_userName and parameter_password. The values of each of these parameters is coming directly from the request parameters via the request-param input module. If you look at the source for the auth-login action (org.apache.cocoon.webapps.authentication.acting.LoginAction) on lines 104-107 the action is taking all parameters beginning with parameter_ and passing them as parameters to the authentication resource. ie. if you set the above parameters for the auth-login action, they will be passed to your XSP as two parameters: userName and password (dropped the parameter_ bit. Therefore your XSP code should be similar to the following: ... String userName = parameters.getParameter(userName); String password = parameters.getParameter(password); ... Hope this helps Andrew Sonny Sukumar wrote: Hi all, I'm not clear on how the authentication resource gets parameters that are passed to it from auth-login. My auth resource is an XSP, and I try to fetch them as request params. However, I'm not sure if that's correct because I've verified that my auth resource produces output matching the authentication.../authentication scheme it is supposed to when given request params, but yet the auth-login always seems to fail. Here's my sitemap snippet: !-- Try to log in an admin. -- map:match pattern=adminLogin map:act type=auth-login map:parameter name=handler value=adminAuthHandler/ map:parameter name=parameter_userName value={request-param:userName}/ map:parameter name=parameter_password value={request-param:password}/ !-- Really should be a redirect here, but this is for simplicity of illustration.-- map:read src=myapp/authSuccessful.html/ /map:act !-- Authentication failed -- map:read src=myapp/authFailed.html/ /map:match !-- Auth resource -- map:match pattern=authenticateAdmin map:generate src=redpouch/xml/authenticateAdmin.xsp type=serverpages/ map:serialize type=xml/ /map:match Here's my handler declaration: !-- Authenticates site administrators. -- handler name=adminAuthHandler redirect-to uri=cocoon:/getAdminLoginPage/ authentication uri=cocoon:/raw:/authenticateAdmin/ /handler So I try to do 'request.getParameter(userName)' and 'request.getParameter(password)' in my XSP (i.e. my auth resource), but authFailed.html is **always** shown, whether or not the user name/password combination is valid. I also still don't quite understand why the 'raw:/' subprotocol needs to be used in the authentication tag in the handler. It is that way in the docs, but I tried both with and without it, and the auth fails no matter what. I'd appreciate any hints. :-) Sonny _ MSN 8: Get 6 months for $9.95/month. http://join.msn.com/?page=dept/dialup - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED
URLs being encoded WITH cookies enabled
I'm using the EncodeURLTransformer in all of my pipelines just before serializing the output, but from what I read I thought it is only supposed to encode URLs if cookies are disabled in the browser. I've confirmed that cookies are enabled for my browser (Mozilla Firebird v0.6), but the URLs keep getting rewritten with a jsessionid parameter. What could be wrong? _ Enter for your chance to IM with Bon Jovi, Seal, Bow Wow, or Mary J Blige using MSN Messenger http://entertainment.msn.com/imastar - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
How to force XSP recompilation?
My problem is this: A snippet of Java code in my XSP references a constant of one of my backend Java classes (in a JAR file in WEB-INF/lib). However, I changed that constant value, recompiled and remade the JAR, restarted Tomcat, etc, but my XSP didn't get recompiled simply because I didn't edit the XSP file after that. But since any file depending on a constant in another class needs to be recompiled if that constant value changes, I was for awhile wondering why the XSP output wasn't changing. Does anybody know how to get Cocoon to handle this without having to remember everywhere (in what XSPs) that constant is referenced? Thanks, Sonny _ Get MSN 8 and enjoy automatic e-mail virus protection. http://join.msn.com/?page=features/virus - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
throwing non-ProcessingExceptions from XSPs
Hi guys, Is it possible to declare additional exception types to be thrown from the generate() method generated from an XSP? The generate code throws SAXException, IOException, ProcessingException by default. I thought that, since Cocoon 2.1 has improved support for handling various exception types (aside from ProcessingException) at the end of pipelines, that maybe one could maybe get away without wrapping exceptions in ProcessingException instances in XSPs. If it is possible, how can one declare a specific exception type to be thrown using XSP syntax? Thanks, Sonny _ Get MSN 8 and enjoy automatic e-mail virus protection. http://join.msn.com/?page=features/virus - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: session:getxml not working
Ahh, thanks Andrew, that worked. But I have another question. Say I have this in the context: data some-tagsome content/some-tag alert-messages alert-messageSome text here/alert-message /alert-messages /data If I use session:getxml context=temporary path=/data/alert-messages/ then I just get: alert-messageSome text here/alert-message So my question is how can I, with the above example context, get the whole alert-messages section, not just the contents of this tag? Thanks again, Sonny From: Andrew Timberlake [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: session:getxml not working Date: Fri, 22 Aug 2003 09:56:27 +0200 Sonny I doesn't store the authentication node, it stores the contents thereof so instead of using session:getxml context=temporary path=/authentication/data/alert-messages/ use session:getxml context=temporary path=/data/alert-messages/ Secondly, the URI namespace is http://apache.org/cocoon/session/1.0 which I got from SessionConstants.java This all works for me on CVS HEAD as of this morning. Hope this helps Andrew Sonny Sukumar wrote: Hi guys, I must be missing something, but my session:getxml tag isn't getting transformed: session:getxml context=temporary path=/authentication/data/alert-messages/ This tag is embedded into an XML document which is produced afer a log-in attempt fails. I also tried 'path=/' but that didn't get transformed either. The namespace I'm using is: xmlns:session=http://cocoon.apache.org/session/2.0; I also tried .../1.0 but no luck. I'm using the new Cocoon 2.1. And I have a 'map:transform type=session/' in my sitemap right after that XML doc is produced. Yet somehow it doesn't get transformed. If the temporary context doesn't exist, would the tag be ignored? Or would it be transformed into an empty string (i.e. )? This is important, as the same XML doc is produced when logging in for the first time as well, and that tag should just get wiped out. Does anybody have any insight into this? Thanks, Sonny _ Get MSN 8 and help protect your children with advanced parental controls. http://join.msn.com/?page=features/parental - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ MSN 8: Get 6 months for $9.95/month http://join.msn.com/?page=dept/dialup - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
1 more auth question..
Hi all, I'm not clear on how the authentication resource gets parameters that are passed to it from auth-login. My auth resource is an XSP, and I try to fetch them as request params. However, I'm not sure if that's correct because I've verified that my auth resource produces output matching the authentication.../authentication scheme it is supposed to when given request params, but yet the auth-login always seems to fail. Here's my sitemap snippet: !-- Try to log in an admin. -- map:match pattern=adminLogin map:act type=auth-login map:parameter name=handler value=adminAuthHandler/ map:parameter name=parameter_userName value={request-param:userName}/ map:parameter name=parameter_password value={request-param:password}/ !-- Really should be a redirect here, but this is for simplicity of illustration.-- map:read src=myapp/authSuccessful.html/ /map:act !-- Authentication failed -- map:read src=myapp/authFailed.html/ /map:match !-- Auth resource -- map:match pattern=authenticateAdmin map:generate src=redpouch/xml/authenticateAdmin.xsp type=serverpages/ map:serialize type=xml/ /map:match Here's my handler declaration: !-- Authenticates site administrators. -- handler name=adminAuthHandler redirect-to uri=cocoon:/getAdminLoginPage/ authentication uri=cocoon:/raw:/authenticateAdmin/ /handler So I try to do 'request.getParameter(userName)' and 'request.getParameter(password)' in my XSP (i.e. my auth resource), but authFailed.html is **always** shown, whether or not the user name/password combination is valid. I also still don't quite understand why the 'raw:/' subprotocol needs to be used in the authentication tag in the handler. It is that way in the docs, but I tried both with and without it, and the auth fails no matter what. I'd appreciate any hints. :-) Sonny _ MSN 8: Get 6 months for $9.95/month. http://join.msn.com/?page=dept/dialup - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: 3 questions...
From: Olivier Billard [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: 3 questions... Date: Thu, 21 Aug 2003 09:50:59 +0200 Hi Sonny, Your anwser would work if it was after a successfull authentication ;)... But no session is created when the authentication fails. Actually, Andrew related to me that a session is indeed created to store the temporary context, which will contain the data in the format: authentication failed/ data.../data /authentication You could see that post, but that's essentially what he was able to verify from his experience and looking through the source code for Cocoon. I haven't tried it quite yet, however. And as I wrote, the sitemap needs a Generator before using a Transformer. That's the problem :) Hmm, well the generator could be an XSP or whatever that uses the info in the data tag to display error information. I plan to regenerate the login page, but showing error messages my auth resource would place in the data tag. Hth, Sonny -- Olivier On 20/08/2003 19:49, Sonny Sukumar wrote: Hi Olivier, The docs say to use the session transformer with tags like these: session:getxml context=authentication path=/authentication/ID/ !-- Get the ID -- session:getxml context=authentication path=/authentication/data/username/ These tags will get transformed into (substituted with) the data content, or whatever content you specify in the Xpath-like expression in the path attribute (see above). The doc I'm referring to is here: http://cocoon.apache.org/2.1/developing/webapps/authentication.html Hth, Sonny From: Olivier Billard [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: 3 questions... Date: Wed, 20 Aug 2003 15:06:00 +0200 Hi Andrew, I have a little question about retrieving the data tag content. How could you get the content ? It seems that there is no corresponding output module, and when I set a serializer instead of the classic map:redirect-to uri=login/ to view the data content, I have the following error : You must set a generator first before you can use a serializer. So how can you access the data content ? Thanks, -- Olivier On 20/08/2003 09:21, Andrew Timberlake wrote: Sonny Try walking the programming logic. Starting with org.apache.cocoon.webapps.authentication.acting.LoginAction and follow how cocoon deals with each step of the process. One thing to watch out for is when you get code such as manager.lookup(XXX.Role) this is referencing an Interface to which an implementation class has been assigned within cocoon.xconf. An easy way to identify the implementation class is to look for a class named in one of three common ways: NameOfInterfaceImpl.java SimpleNameOfInterface.java or DefaultNameOfInterface.java and then continue walking the logic. This is a great way to figure out how cocoon works internally which will help your use of cocoon considerably. Sonny Sukumar wrote: Andrew, thank you for your time and effort to find the info below for me...it *is* proving helpful. See couple questions below... I'm not sure that a login tag is created. The temprary context should contain an XML fragment which looks like the following: authentication failed/ dataAny error message which was set by your authentication handler/data /authentication This I get from reading the few lines above the SessionConstants.TEMPORARY_CONTEXT code I mentioned above. Ahh, that's strange...the docs mention nothing about a failed/ tag from what I read. Is this just a tagging element of some sort? I mean, is it just always an empty element that just signals the authentication failed? I think it is just a flag. Remember that this block is providing a generic process for handling authentication. Any block will try to provide a solution for the common problem but you don't need to use it to solve the problem in the way it was written specifically. Example is that you need not check for the failed element to know that the auth failed as the action will pass the processing onto your failed pipeline fragment in which case, you simply need to retrieve the content of the data element and continue. Andrew - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ bMSN 8:/b Get 6 months for $9.95/month. http://join.msn.com/?page=dept/dialup - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Olivier BILLARD Société Jouve Tel : 33 2 99 86 93 55 Mail : [EMAIL PROTECTED] Le présent mail ainsi que toutes les informations qu'il contient ne peuvent en aucun cas être considérés comme un engagement juridique de quelque nature que ce soit de JOUVE. Tout accord devra être formulé par écrit papier ultérieur
Re: 3 questions...
I think this point isn't clear in the docs, and so it should be made clear that the temporary context is indeed stored in the session so others don't get confused. The coverage of the auth framework is good overall--it's just a few points that are ambiguous. From: Olivier Billard [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: 3 questions... Date: Thu, 21 Aug 2003 09:59:29 +0200 Hi Andrew, I realized that I didn't wrote that my concern is about a wrong authentication : no session is created, and so your component, using the session, won't work. Am I right ? I want to give a detailed feedback to the user trying to authenticate : login does not exist, wrong password, ... Do you have an other solution ? Thanks again, -- Olivier On 21/08/2003 00:16, Andrew Timberlake wrote: Olivier The following is an extract from a component I wrote in which I access the UserContext. This code retrieves the UserHandler and then gets a DocumentFragment of the contents of the data element which I then process further using standard DOM methods. I hope this helps a bit. snip SessionManager sessionManager = (SessionManager) this.manager.lookup(SessionManager.ROLE); Session session = sessionManager.getSession(true); UserState userState = (UserState) session.getAttribute(DefaultAuthenticationManager.SESSION_ATTRIBUTE_USER_STATUS); if(userState != null) { UserHandler userHandler = userState.getHandler(handler); DocumentFragment fragment = userHandler.getContext().getXML(/authentication/data/); ... } /snip Olivier Billard wrote: Hi Andrew, I have a little question about retrieving the data tag content. How could you get the content ? It seems that there is no corresponding output module, and when I set a serializer instead of the classic map:redirect-to uri=login/ to view the data content, I have the following error : You must set a generator first before you can use a serializer. So how can you access the data content ? Thanks, -- Olivier On 20/08/2003 09:21, Andrew Timberlake wrote: Sonny Try walking the programming logic. Starting with org.apache.cocoon.webapps.authentication.acting.LoginAction and follow how cocoon deals with each step of the process. One thing to watch out for is when you get code such as manager.lookup(XXX.Role) this is referencing an Interface to which an implementation class has been assigned within cocoon.xconf. An easy way to identify the implementation class is to look for a class named in one of three common ways: NameOfInterfaceImpl.java SimpleNameOfInterface.java or DefaultNameOfInterface.java and then continue walking the logic. This is a great way to figure out how cocoon works internally which will help your use of cocoon considerably. Sonny Sukumar wrote: Andrew, thank you for your time and effort to find the info below for me...it *is* proving helpful. See couple questions below... I'm not sure that a login tag is created. The temprary context should contain an XML fragment which looks like the following: authentication failed/ dataAny error message which was set by your authentication handler/data /authentication This I get from reading the few lines above the SessionConstants.TEMPORARY_CONTEXT code I mentioned above. Ahh, that's strange...the docs mention nothing about a failed/ tag from what I read. Is this just a tagging element of some sort? I mean, is it just always an empty element that just signals the authentication failed? I think it is just a flag. Remember that this block is providing a generic process for handling authentication. Any block will try to provide a solution for the common problem but you don't need to use it to solve the problem in the way it was written specifically. Example is that you need not check for the failed element to know that the auth failed as the action will pass the processing onto your failed pipeline fragment in which case, you simply need to retrieve the content of the data element and continue. Andrew - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ bGet MSN 8/b and help protect your children with advanced parental controls. http://join.msn.com/?page=features/parental - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
session:getxml not working
Hi guys, I must be missing something, but my session:getxml tag isn't getting transformed: session:getxml context=temporary path=/authentication/data/alert-messages/ This tag is embedded into an XML document which is produced afer a log-in attempt fails. I also tried 'path=/' but that didn't get transformed either. The namespace I'm using is: xmlns:session=http://cocoon.apache.org/session/2.0; I also tried .../1.0 but no luck. I'm using the new Cocoon 2.1. And I have a 'map:transform type=session/' in my sitemap right after that XML doc is produced. Yet somehow it doesn't get transformed. If the temporary context doesn't exist, would the tag be ignored? Or would it be transformed into an empty string (i.e. )? This is important, as the same XML doc is produced when logging in for the first time as well, and that tag should just get wiped out. Does anybody have any insight into this? Thanks, Sonny _ Get MSN 8 and help protect your children with advanced parental controls. http://join.msn.com/?page=features/parental - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: 3 questions...
From: Andrew Timberlake [EMAIL PROTECTED] Sonny I didn't have the answers to your questions immediately but I have done some digging throught he source code and can hopefully give you a head start on your understanding... Andrew, thank you for your time and effort to find the info below for me...it *is* proving helpful. See couple questions below... Sonny Sukumar wrote: [2 of these questions I sent a couple days ago but got no reply and haven't figured them out. They pertain to Cocoon's Authentication Framework. Thanks.] These 3 questions are based on this doc: http://cocoon.apache.org/2.1/developing/webapps/authentication.html 1.) The doc states If the authentication is successful, a session object is created on the server (if not already done). If the authentication fails, the error information delivered by the authentication resource is stored into the temporary context (which is named simply 'temp'). Question: Where is this 'temp' context stored, if not in the session? The temporary context is stored in the session and it is stored with the key temporary or more specifically in the org.apache.cocoon.webapps.authentication.components.PipelineAuthenticator you will find reference to the SessionConstants.TEMPORARY_CONTEXT being used. This is used in conjunction with the SessionManager. Interesting, I did suppose it had to be stored in the session, even though the docs were a bit ambiguous. From what I see in the API, it looks like PipelineAuthenticator is a helper class that AuthAction (referenced by auth-protect) in the sitemap probably uses--although I'm not really familar with Cocoon's current class architecture, so I have no idea. In any case, the details you provided are quite helpful. 2.) Where is the login tag of the login resource referred to in this statement?: 'If the authentication is not successful, the resource must create an XML with the root node authentication. In addition a data node can be added containing more information about the unsuccessful attempt. **This data node is then added inside the login tag of the login resource.**' I'm not sure that a login tag is created. The temprary context should contain an XML fragment which looks like the following: authentication failed/ dataAny error message which was set by your authentication handler/data /authentication This I get from reading the few lines above the SessionConstants.TEMPORARY_CONTEXT code I mentioned above. Ahh, that's strange...the docs mention nothing about a failed/ tag from what I read. Is this just a tagging element of some sort? I mean, is it just always an empty element that just signals the authentication failed? 3.) Is it necessary to use the raw: subprotocol here for not forwarding request params? As in: handler name=unique !-- The login resource -- redirect-to uri=cocoon:raw://loginpage/ authentication uri=cocoon:raw://authenticationresource/ /handler It says ...this resource is requested by the framework with the given parameters from the auth-login action referring to the authentication resource, so perhaps the raw: subprotocol is there to prevent duplicate request params? I'm just guessing here... I'll leave you to your guess here. Hehe ok. I hope I've at least been able to provide a little help. Most definitely. Thanks again, Andrew! Sonny Andrew Thanks, Sonny _ bGet MSN 8/b and enjoy automatic e-mail virus protection. http://join.msn.com/?page=features/virus - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ bGet MSN 8/b and help protect your children with advanced parental controls. http://join.msn.com/?page=features/parental - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: 3 questions...
From: Andrew Timberlake [EMAIL PROTECTED] Sonny Try walking the programming logic. Starting with org.apache.cocoon.webapps.authentication.acting.LoginAction and follow how cocoon deals with each step of the process. One thing to watch out for is when you get code such as manager.lookup(XXX.Role) this is referencing an Interface to which an implementation class has been assigned within cocoon.xconf. An easy way to identify the implementation class is to look for a class named in one of three common ways: NameOfInterfaceImpl.java SimpleNameOfInterface.java or DefaultNameOfInterface.java and then continue walking the logic. This is a great way to figure out how cocoon works internally which will help your use of cocoon considerably. Oh, thanks for the tips. I did notice in general that the classes have at least somewhat meaningful names. ;-) There's just sooo many of them, and I'm not familiar with the Avalon framework/class architecture, component lifecycles, etc, so it's a bit daunting. Daunting, but never dull :-) Sonny Sukumar wrote: Andrew, thank you for your time and effort to find the info below for me...it *is* proving helpful. See couple questions below... I'm not sure that a login tag is created. The temprary context should contain an XML fragment which looks like the following: authentication failed/ dataAny error message which was set by your authentication handler/data /authentication This I get from reading the few lines above the SessionConstants.TEMPORARY_CONTEXT code I mentioned above. Ahh, that's strange...the docs mention nothing about a failed/ tag from what I read. Is this just a tagging element of some sort? I mean, is it just always an empty element that just signals the authentication failed? I think it is just a flag. Remember that this block is providing a generic process for handling authentication. Any block will try to provide a solution for the common problem but you don't need to use it to solve the problem in the way it was written specifically. Example is that you need not check for the failed element to know that the auth failed as the action will pass the processing onto your failed pipeline fragment in which case, you simply need to retrieve the content of the data element and continue. Tis true, Andrew. I'll see how all of this comes together when I actually try to implement something, which will be very soon. I'll report back if I have any difficulties I can't overcome. Thanks again, Sonny Andrew - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ bGet MSN 8/b and help protect your children with advanced parental controls. http://join.msn.com/?page=features/parental - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: 3 questions...
Hi Olivier, The docs say to use the session transformer with tags like these: session:getxml context=authentication path=/authentication/ID/ !-- Get the ID -- session:getxml context=authentication path=/authentication/data/username/ These tags will get transformed into (substituted with) the data content, or whatever content you specify in the Xpath-like expression in the path attribute (see above). The doc I'm referring to is here: http://cocoon.apache.org/2.1/developing/webapps/authentication.html Hth, Sonny From: Olivier Billard [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: 3 questions... Date: Wed, 20 Aug 2003 15:06:00 +0200 Hi Andrew, I have a little question about retrieving the data tag content. How could you get the content ? It seems that there is no corresponding output module, and when I set a serializer instead of the classic map:redirect-to uri=login/ to view the data content, I have the following error : You must set a generator first before you can use a serializer. So how can you access the data content ? Thanks, -- Olivier On 20/08/2003 09:21, Andrew Timberlake wrote: Sonny Try walking the programming logic. Starting with org.apache.cocoon.webapps.authentication.acting.LoginAction and follow how cocoon deals with each step of the process. One thing to watch out for is when you get code such as manager.lookup(XXX.Role) this is referencing an Interface to which an implementation class has been assigned within cocoon.xconf. An easy way to identify the implementation class is to look for a class named in one of three common ways: NameOfInterfaceImpl.java SimpleNameOfInterface.java or DefaultNameOfInterface.java and then continue walking the logic. This is a great way to figure out how cocoon works internally which will help your use of cocoon considerably. Sonny Sukumar wrote: Andrew, thank you for your time and effort to find the info below for me...it *is* proving helpful. See couple questions below... I'm not sure that a login tag is created. The temprary context should contain an XML fragment which looks like the following: authentication failed/ dataAny error message which was set by your authentication handler/data /authentication This I get from reading the few lines above the SessionConstants.TEMPORARY_CONTEXT code I mentioned above. Ahh, that's strange...the docs mention nothing about a failed/ tag from what I read. Is this just a tagging element of some sort? I mean, is it just always an empty element that just signals the authentication failed? I think it is just a flag. Remember that this block is providing a generic process for handling authentication. Any block will try to provide a solution for the common problem but you don't need to use it to solve the problem in the way it was written specifically. Example is that you need not check for the failed element to know that the auth failed as the action will pass the processing onto your failed pipeline fragment in which case, you simply need to retrieve the content of the data element and continue. Andrew - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ bMSN 8:/b Get 6 months for $9.95/month. http://join.msn.com/?page=dept/dialup - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
NULL request params when POSTing data in 2.1...
Hey guys, I upgraded to Cocoon 2.1 and now, when I try to fetch request params from the request using 'request.getParameter(param)', it always returns null WHEN I use action=post instead of action=get. At first I thought it might have something to do with my form sending mult-part data--that is, sending regular data along with a few files from file input fields. But I commented those out and the problem stil persists as long as I'm POSTing the data. I changed nothing at all in the code except for upgrading to 2.1. Does anybody have any idea why this would happen? Thanks, Sonny _ bGet MSN 8/b and enjoy automatic e-mail virus protection. http://join.msn.com/?page=features/virus - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: NULL request params when POSTing data in 2.1...
From: Upayavira [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: NULL request params when POSTing data in 2.1... Date: Wed, 20 Aug 2003 20:44:47 +0100 Sonny Sukumar wrote: Hey guys, I upgraded to Cocoon 2.1 and now, when I try to fetch request params from the request using 'request.getParameter(param)', it always returns null WHEN I use action=post instead of action=get. I'm a serious beginner with flow, but I do know that the flow object model changed between 2.1m3 and rc1. I believe you can now do request.param to get the same thing as you wanted to do. Does that work? I don't know anything about flow yet, but my 'request.getParameter(param)' statements are actually in an action I wrote that does a number of things after it gets the request parameters. I'm quite baffled as to why POSTing data would stop working in any context though--whether an action or otherwise. Any other ideas? Regards, Upayavira At first I thought it might have something to do with my form sending mult-part data--that is, sending regular data along with a few files from file input fields. But I commented those out and the problem stil persists as long as I'm POSTing the data. I changed nothing at all in the code except for upgrading to 2.1. Does anybody have any idea why this would happen? Thanks, Sonny _ bGet MSN 8/b and enjoy automatic e-mail virus protection. http://join.msn.com/?page=features/virus - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ bHelp protect your PC:/b Get a free online virus scan at McAfee.com. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: NULL request params when POSTing data in 2.1...
Hi guys, I haven't solved my problem of getting null request parameters when trying to read request params in an action, so... Does anybody know how GET vs POST request parameters are handled by Tomcat and Cocoon? To reiterate, it *does* work when I try using GET, but I really need to use POST (want to pass some files in addition to data; when I tried GET I commented out the file input fields). I'd appreciate your insights into these two methods of transferring data via HTTP and how they're handled by the servlet container and by Cocoon. I'm running: Tomcat 4.1.12 Cocoon 2.1 (released version from last week) RedHat Linux 7.2 Thanks for your help, Sonny P.S. This problem only occurs with Cocoon 2.1. I have Cocoon 2.0.4 backed up and I tried it again with that and I can always fetch the POSTed request parameters just fine in my action. The code is straightforward: Request request = ObjectModelHelper.getRequest(objectModel); String someParam = request.getParameter(param); ... From: Sonny Sukumar [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: NULL request params when POSTing data in 2.1... Date: Wed, 20 Aug 2003 13:56:02 -0700 From: Upayavira [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: NULL request params when POSTing data in 2.1... Date: Wed, 20 Aug 2003 20:44:47 +0100 Sonny Sukumar wrote: Hey guys, I upgraded to Cocoon 2.1 and now, when I try to fetch request params from the request using 'request.getParameter(param)', it always returns null WHEN I use action=post instead of action=get. I'm a serious beginner with flow, but I do know that the flow object model changed between 2.1m3 and rc1. I believe you can now do request.param to get the same thing as you wanted to do. Does that work? I don't know anything about flow yet, but my 'request.getParameter(param)' statements are actually in an action I wrote that does a number of things after it gets the request parameters. I'm quite baffled as to why POSTing data would stop working in any context though--whether an action or otherwise. Any other ideas? Regards, Upayavira At first I thought it might have something to do with my form sending mult-part data--that is, sending regular data along with a few files from file input fields. But I commented those out and the problem stil persists as long as I'm POSTing the data. I changed nothing at all in the code except for upgrading to 2.1. Does anybody have any idea why this would happen? Thanks, Sonny _ bGet MSN 8/b and enjoy automatic e-mail virus protection. http://join.msn.com/?page=features/virus - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ bHelp protect your PC:/b Get a free online virus scan at McAfee.com. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ bMSN 8:/b Get 6 months for $9.95/month http://join.msn.com/?page=dept/dialup - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: portal authentication question
I was wondering...what exactly is a coplet? From: [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: portal authentication question Date: Tue, 19 Aug 2003 14:16:53 +0200 Hello, I'm using the Cocoon portal and I have modified the authentication for using a LDAP repository instead of a XML file to authenticate users. But now the functions inside the coplet Administration doesn't work anymore (User management and Portal management). I can't access to these functions anymore. How the portal-conf generator work? What do I need to change? Thanks Sylvain Thevoz - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ bMSN 8:/b Get 6 months for $9.95/month. http://join.msn.com/?page=dept/dialup - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
3 questions...
[2 of these questions I sent a couple days ago but got no reply and haven't figured them out. They pertain to Cocoon's Authentication Framework. Thanks.] These 3 questions are based on this doc: http://cocoon.apache.org/2.1/developing/webapps/authentication.html 1.) The doc states If the authentication is successful, a session object is created on the server (if not already done). If the authentication fails, the error information delivered by the authentication resource is stored into the temporary context (which is named simply 'temp'). Question: Where is this 'temp' context stored, if not in the session? 2.) Where is the login tag of the login resource referred to in this statement?: 'If the authentication is not successful, the resource must create an XML with the root node authentication. In addition a data node can be added containing more information about the unsuccessful attempt. **This data node is then added inside the login tag of the login resource.**' 3.) Is it necessary to use the raw: subprotocol here for not forwarding request params? As in: handler name=unique !-- The login resource -- redirect-to uri=cocoon:raw://loginpage/ authentication uri=cocoon:raw://authenticationresource/ /handler It says ...this resource is requested by the framework with the given parameters from the auth-login action referring to the authentication resource, so perhaps the raw: subprotocol is there to prevent duplicate request params? I'm just guessing here... Thanks, Sonny _ bGet MSN 8/b and enjoy automatic e-mail virus protection. http://join.msn.com/?page=features/virus - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: new Request for internal map:redirect-to's?
It's not supposed to send an HTTP redirect if using the cocoon:/ protocol and syntax--at least not in Cocoon 2.1. I checked headers and all, but I don't see my browser processing a redirect at all like I did using the same syntax in 2.0.4. In any case, maybe one of the people knowledgeable on 2.1 can comment? Geoff, anyone else? Sonny From: Jay Freeman \(saurik\) [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: new Request for internal map:redirect-to's? Date: Mon, 18 Aug 2003 01:49:40 -0500 Sonny: I was under the impression that not only does a new Request object get created, but the entire process does. AFAIK redirect-to sends a Location: header to the browser and then it requests the new URL. *Checks this.* Yeah: HTTP/1.1 302 Moved Temporarily Date: Mon, 18 Aug 2003 06:52:28 GMT Server: Apache/2.1.0-dev (Unix) mod_ssl/2.1.0-dev OpenSSL/0.9.7a DAV/2 mod_jk/1.2.3-dev SVN/0.26.0 PHP/4.3.2 X-Cocoon-Version: 2.1 Location: http://www.jayfreeman.com/lists/ Content-Length: 0 Content-Type: text/plain; charset=ISO-8859-1 Sincerely, Jay Freeman (saurik) [EMAIL PROTECTED] - Original Message - From: Sonny Sukumar [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Sunday, August 17, 2003 9:11 PM Subject: new Request for internal map:redirect-to's? Does anybody know if a new Request instance is created when one does an internal redirect. Like this: map:match pattern=someUri map:action type=some-action/ map:redirect-to uri=cocoon:/anotherUri/ /map:match map:match pattern=anotherUri ... /map:match In the some-action action, I set a Request attribute, which is gone by the time anotherUri produces output. I know it is being set properly since I've logged it and it looks fine. Btw, I'm using Cocoon 2.1. Thanks, Sonny P.S. Does anybody know how to get LogFactor5 to *not* spawn so many windows? And I can't close them either. Otherwise, it's a good tool. :-) - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ STOP MORE SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: best browsers for viewing xml?
Is there a way to apply a default XSLT stylesheet to any XML document received in most browsers? From: Erik Bruchez [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: best browsers for viewing xml? Date: Mon, 18 Aug 2003 00:08:03 -0700 Mozilla's XML display is implemented with an XSLT stylesheet as well. You should be able to find it in the Mozilla Bonsai online at www.mozilla.org. -Erik Upayavira wrote: Jay Freeman (saurik) wrote: One such XSL/T comes with Cocoon: xml2html.xslt . I believe it even supports +/- expansion, although I remember there being something wrong with it... like it didn't support namespaces correctly or something and just stripped them from the output. I'm not quite sure, have only played with it a little. IE uses an XSLT. A little bit of hunting in there might find it, and you could use that, assuming that you can make a temporary switch to Windows just to find the XSLT to be used for other browsers. Then you could set up a view that displays stuff transformed: map:view name=xml from-label=xml map:transform src=ie-xslt.xsl/ map:serialize type=html/ /map:view Don't know if that helps. Regards, Upayavira Sincerely, Jay Freeman (saurik) [EMAIL PROTECTED] - Original Message - From: Conal Tuohy [EMAIL PROTECTED] To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Sunday, August 17, 2003 6:44 PM Subject: RE: best browsers for viewing xml? Sonny Sukumar wrote: I'd like a browser that can show an XML document in tree form--preferably clickable. Consider using an XSLT in Cocoon to transform the XML to an HTML representation of the XML. I have seen some stylesheets for doing this but I'm not sure where ... it would be easy to write in any case. Then you can view it in whatever browser you like. e.g. something like: xsl:template match=/ htmlbody xsl:apply-templates/ /body/html /xsl:template xsl:template match=* plt;xsl:value-of select=name()/ xsl:apply-templates select=@*/ gt;/p /xsl:template xsl:template match=@* xsl:value-of select=name()/=xsl:value-of select=./ /xsl:template - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Add photos to your e-mail with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: What exactly is the logger attribute
The logger attribute is used to specify the logger category to which log messages. See logkit.xconf in the WEB-INF directory for log factory/target/category definitions and configurations. You can add your own as well. This wiki doc should help in doing so: http://wiki.cocoondev.org/Wiki.jsp?page=ConfiguringTheLogs I'm not sure about the pool attributes, but I think they are to configure the # of instances of the class you're declaring/configuring in the sitemap that should be available to handle server requests. pool-min would be the minimum # of instances. Of course, somebody please correct me if I'm wrong. :-) HTH, Sonny From: Lionel Crine [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: What exactly is the logger attribute Date: Mon, 18 Aug 2003 09:54:08 +0200 Hi, I'm really fond of knowing what the attribute logger is used to ? for example : map:generator label=content logger=sitemap.generator.file name=file pool-grow=4 pool-max=32 pool-min=8 src=org.apache.cocoon.generation.FileGenerator/ And the pool-min attribute by the way. Thanks in advance for the answer. Lionel - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: filepart
From: Geoff Howard [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: filepart Date: Mon, 18 Aug 2003 18:21:26 -0400 Sonny Sukumar wrote: In the docs, for the PartInMemory.getSize(), the description reads Returns the filename, which can't be correct. I'm not sure who is in charge of changing that... No one's in charge but I've fixed it :) Thanks for the heads up. No problem, thanks for fixing it. Everything helps. :-) Geoff - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Add photos to your messages with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: best browsers for viewing xml?
From: Jeff Turner [EMAIL PROTECTED] On Sun, Aug 17, 2003 at 02:59:50PM -0700, Sonny Sukumar wrote: Hi guys, I need suggestions on browsers for viewing XML, since I've gotten too weary of Mozilla Firebird's bugs and freezing my computer every now and then. How about registering a real XML editor as the handler for text/xml in your browser? That is a good suggestion, Jeff, but it's just too much of a hassle to have open a separate window every time to view the XML document, especially when I'm doing it 100+ times a day (debugging is great ;-). I suppose I'll just stick with Mozilla Firebird for now and hope its deficiencies get addressed over time. I hope it becomes as good as Cocoon has now become. :-) Sonny --Jeff ... Any suggestions? Thanks, Sonny - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ STOP MORE SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: best browsers for viewing xml?
From: Jay Freeman \(saurik\) [EMAIL PROTECTED] One such XSL/T comes with Cocoon: xml2html.xslt . I believe it even supports +/- expansion, although I remember there being something wrong with it... like it didn't support namespaces correctly or something and just stripped them from the output. I'm not quite sure, have only played with it a little. Oh that's interesting--maybe I'll take a look at that sometime. But how can one do +/- expansion with a mere stylesheet? I thought that would require a browser plugin or embedded browser functionality. Sonny _ Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [ANN] Apache Cocoon 2.1 Released - binary??
From: Geoff Howard [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [ANN] Apache Cocoon 2.1 Released - binary?? Date: Sun, 17 Aug 2003 20:16:03 -0400 Geoff Howard wrote: Sonny Sukumar wrote: Is there a document that explains line by line what each of the entries in build.properties is? Some of them weren't clear to me, so I just guessed whether I needed them or not. Not that I'm aware of and it's a good idea. Could you start a wiki page for it at wiki.cocoondev.org? That'd be the fasted way to get some useful information documented. Geoff I see you started a Wiki page at http://wiki.cocoondev.org/Wiki.jsp?page=BuildProperties. I don't think I'm quite qualified to put in the descriptions of the line items, but for everybody else so inclined, do check out Geoff's Wiki page. It is certainly a good start. I did - but haven't had time to start adding explanations. Just let me know which ones seem confusing and I'll start with those. Ok, made a start now. Let me know if that clears anything up or just raises more questions. Geoff Hey Geoff, I beleive the file you are thinking of in the first paragraph is cocoon.build.properties, and I updated it to read that way. I got this info from one of your old posts. :-) http://www.mail-archive.com/[EMAIL PROTECTED]/msg28014.html The Validation section was confusing to me, as I didn't really know exactly what it was meant for. Also, for the enable-uploads option, if one sets that to false at build time one can still set it to true later by configuring web.xml, right? I'm pretty sure you'd be able to, but I just want to make 100% sure Thank you for writing this Wiki doc, as it will definitely help people. Sonny _ Help STOP SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: best browsers for viewing xml?
Ahhh, I can see how that might cause problems with some browsers. From: Jay Freeman \(saurik\) [EMAIL PROTECTED] Sonny: JavaScript/DHTML :) Sincerely, Jay Freeman (saurik) [EMAIL PROTECTED] - Original Message - From: Sonny Sukumar [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Sunday, August 17, 2003 7:59 PM Subject: Re: best browsers for viewing xml? From: Jay Freeman \(saurik\) [EMAIL PROTECTED] One such XSL/T comes with Cocoon: xml2html.xslt . I believe it even supports +/- expansion, although I remember there being something wrong with it... like it didn't support namespaces correctly or something and just stripped them from the output. I'm not quite sure, have only played with it a little. Oh that's interesting--maybe I'll take a look at that sometime. But how can one do +/- expansion with a mere stylesheet? I thought that would require a browser plugin or embedded browser functionality. Sonny - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Add photos to your messages with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: need help with strange 2.1 problems...
That's the strange thing...the [show] is just plain text. I'm using Mozilla Firebird on Linux mostly, but I also tried it in Konqueror with the same result. I then tried commenting out the map:handle-errors section at the end of the default sitemap that is bundled with Cocoon 2.1 and I got a more raw page that does indeed show the stack trace. So I think I'll just keep that section commented out so I can debug. :-) From: Joerg Heinicke [EMAIL PROTECTED] A click on [show] should show you the stacktrace. Otherwise you have a strange browser :-) If it really does not work, can you tell us what browser you are using. The stacktrace is contained in the HTML code, so even if it is difficult to read you can at least see it. Joerg Sonny Sukumar wrote: Hi guys, I've installed Cocoon 2.1 on Tomcat 4.1.12 with JDK 1.4, and I'm having all kinds of problems I never had when running Cocoon 2.0.4. I read the docs on building and deploying it, but I'm encountering problems nevertheless. One problem is that I get messages like this where there's nothing to click to show the stacktrace: cause: java.lang.NullPointerException stacktrace[show] This is just plain text, so I can't see the stacktrace. Another problem is that sometimes when I go to some URL that used to work just fine, I get a java.lang.OutOfMemoryError from Tomcat. This is in addition to my problem with XSPs with the Logger class conflict preventing XSPs from compiling (see my previous post). I really have no idea what's going ondoes anyone maybe recognize these problems? Thanks! Sonny - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Help STOP SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
3 simple auth questions...
These 2 questions are based on this doc: http://cocoon.apache.org/2.1/developing/webapps/authentication.html 1.) The doc states If the authentication is successful, a session object is created on the server (if not already done). If the authentication fails, the error information delivered by the authentication resource is stored into the temporary context (which is named simply 'temp'). Question: Where is this 'temp' context stored, if not in the session? 2.) For the auth-login action, request parameters are passed to it like: map:parameter name=parameter_userid value={request:name}/ map:parameter name=parameter_password value={request:password}/ Question: Is this request: syntax generally available to pass request params to all actions? 3.) A handler is also configured like this: handler name=unique !-- The login resource -- redirect-to uri=cocoon:raw://loginpage/ authentication uri=cocoon:raw://authenticationresource/ /handler Question: Is it necessary to use the raw: subprotocol here for not forwarding request params? It says ...this resource is requested by the framework with the given parameters from the auth-login action referring to the authentication resource, so perhaps the raw: subprotocol is there to prevent duplicate request params? I'm just guessing here... Thanks, Sonny _ The new MSN 8: advanced junk mail protection and 2 months FREE* http://join.msn.com/?page=features/junkmail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [ANN] Apache Cocoon 2.1 Released - binary??
Is there a document that explains line by line what each of the entries in build.properties is? Some of them weren't clear to me, so I just guessed whether I needed them or not. From: Geoff Howard [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [ANN] Apache Cocoon 2.1 Released - binary?? Date: Sat, 16 Aug 2003 18:21:17 -0400 Sam Chance wrote: As a user...the binary is essential. I understand it makes it easier for the developers, but I think the issue needs to be revisited with an intent to distribute a binary. Ok, first of all - I hear you and will raise this issue again on the dev list. (cc'd). Can I ask you to elaborate on why you think the one step build is just out of the question for you? Is it the ease of first use when evaluating? Is it the build time? Is there something not provided that is needed? Honestly, everyone has been very open minded about this but had a hard time coming up with a quantifiable reason. But also, - just to reiterate. This was not meant to make it easier on the developers, but the users. It was observed that Cocoon is not really a thing that you just use -- it's a framework that lets you develop something. And starting that process was very painful with a binary distribution and it is much better with the current one. There is just so much in the distribution that any one person doesn't need all of it. - this was never intended as a permanent direction for Cocoon. The arrival of hot-pluggable real blocks in (probably) the next release will give the best of both worlds. Geoff -Original Message- From: Derek Hohls [mailto:[EMAIL PROTECTED] Sent: Friday, August 15, 2003 12:13 AM To: [EMAIL PROTECTED] Subject: Re: [ANN] Apache Cocoon 2.1 Released - binary?? The explanation given here is *not* an explanation at all - not all of us are subscribers to the developers list and so are not party to the discussions that prompted this decision - perhaps one of the developers can summarise the issues and update the website - then the rest of us can have a chance to comment. PS If you do decide to not release a binary verrsion, then you certainly should remove the link to the Binary distributions archive (link on this page) [EMAIL PROTECTED] 15/08/2003 06:39:43 Frans Thamura wrote: Where is the binary??? http://cocoon.apache.org/mirror.cgi Second paragraph. Vadim - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Add photos to your messages with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Few authentication questions
From: Carsten Ziegeler [EMAIL PROTECTED] Sonny Sukumar wrote: Now, a session context is an XML document stored in the session. With the session transformer (see below) you can fetch xml data out of such a context and store data in it. Oh ok, so a session context is a session attribute that happens to be an XML doc. But of what class type is this XML doc? Just curious... It's an internal class ;) (which uses a DOM tree) Ok, so I assume I don't have to know about it then. :-) 3.) The doc furthermore has this line in it: session:getxml context=authentication path=/authentication/ID/ So I assume session:getxml / is a logichsheet call, but I've only seen a logicsheet called xsp-session that provides an interface to a Session instance. And I don't see any getxml element for that logicsheet. This is not a logicsheet but a transformer, so you can use this transformer in your cocoon pipeline to set/get data to/from a session context, like the authentcation session context in the example above. Hmm, I thought if it's a transformer it should be called like map:transform type=... .../ Why isn't this the case? It is the case, too. Your call is in the sitemap where you define the pipeline and the session:getxml... is in the xml stream flowing through the transformer. It's the signal for the session transformer to do something. Ahh, ok, I get what you're saying. I'll try to install 2.1 and play with the authentication framework a bit and then come back with some more questions, if I think of any (I'm sure I will ;-). Sonny Carsten - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Logger class conflict with 2.1....
Hi guys, I just upgraded to Cocoon 2.1 and I tried to access one of my pages based on an XSP and I get the following error: // start error (lines 166-166) Type mismatch: cannot convert from org.apache.avalon.framework.logger.Logger to org.apache.log.Logger Logger logger = getLogger(); // end error That line is in the generator created from the XSP, and the created code imports org.apache.log.Logger, even though org.apache.avalon.framework.logger.Logger still exists in avalon-framework-4.1.4.jar in $CATALINA_HOME/webapps/cocoon/WEB-INF/lib/. I also deleted the old XSP .java and .class files generated by Cocoon 2.0.4 (which I had installed previously), but the same error occurs. How should one fix this? Thanks, Sonny _ The new MSN 8: smart spam protection and 2 months FREE* http://join.msn.com/?page=features/junkmail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
need help with strange 2.1 problems...
Hi guys, I've installed Cocoon 2.1 on Tomcat 4.1.12 with JDK 1.4, and I'm having all kinds of problems I never had when running Cocoon 2.0.4. I read the docs on building and deploying it, but I'm encountering problems nevertheless. One problem is that I get messages like this where there's nothing to click to show the stacktrace: cause: java.lang.NullPointerException stacktrace[show] This is just plain text, so I can't see the stacktrace. Another problem is that sometimes when I go to some URL that used to work just fine, I get a java.lang.OutOfMemoryError from Tomcat. This is in addition to my problem with XSPs with the Logger class conflict preventing XSPs from compiling (see my previous post). I really have no idea what's going ondoes anyone maybe recognize these problems? Thanks! Sonny _ The new MSN 8: smart spam protection and 2 months FREE* http://join.msn.com/?page=features/junkmail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [resent] map:part's processed in parallel?
I ended up doing something similar. I created an action that updates the quantities of the cart items in the way I wanted to, and placed that action right before the action that calculates the line item costs. I had to amend parts of my XSP and rethink some things, but I did get it work. I still wonder if there's any way to specify that an action shouldn't be executed at pipeline setup, but during pipeline execution in the order in which it appears. If there is such an option, I could have kept my original design and code. ;-) Sonny Or move the code that pulls the shopping cart from the session to an action into your getCart pipeline. Then they should all be calculated at setup time ;-). On 11 Aug 2003 at 1:19, Sonny Sukumar wrote: Aha, I think you're onto something there. The results I get make sense if indeed 1.) all of the map:part pipelines are set up before any of them executes, and 2.) if actions are executed during pipeline setup. I think we're mostly unclear on #1, but it does seem like that's what's happening. Assuming it is, do you have any suggestions for refactoring/rearranging things both in the sitemap and otherwise to solve the shopping cart subtotal calculation problem I detailed below? Move the code to calculate your line item costs from an action into your getLineItemCosts.xsp file. Then they'll all be calculated at generation time. Possible? Regards, Upayavira Thanks for all of your help, Sonny Hi Sonny, I haven't proofed yet but I think your problem may result from the way cocoon sets up the pipelines to be executed. I think what happens is that during pipeline setup for your main matcher (showCartPage) the pipelines for the two parts (getCart and getLineItemCosts) are set up resulting in your action (calculate-line-item-costs) being executed, because actions are executed during pipeline-setup. After setup these pipelines (and so the serverpages) are executed. As I said, I haven't proofed, but maybe it's a hint you can follow. HTH, Kai Thanks for examining the code for me Upayavira. I saw another post in the archives explaining why it'd be too hard for the map:parts to be constructed in parallel and for no real gain (SAX events from each part coming in at random times and getting mixed up). So I'm not sure. But please take a look at my specific problem and see if there's something I'm missing (must be!): This is in the sitemap: map:match pattern=getCart map:generate src=xml/getCartInfo.xsp type=serverpages/ map:serialize type=xml/ /map:match map:match pattern=getLineItemCosts map:act type=calculate-line-item-costs/ map:generate src=xml/getLineItemCosts.xsp type=serverpages/ map:serialize type=xml/ /map:match !-- ***MAIN MATCHER*** -- map:match pattern=showCartPage map:aggregate element=cart-page map:part src=cocoon:/getCart strip-root=true/ map:part src=cocoon:/getLineItemCosts/ /map:aggregate map:serialize type=xml/ /map:match The first map:part (whose src=cocoon:/getCart) comes out fine, and within its XSP code it pulls the shopping cart from the session. The cart just has 1 item (product) in it, and that the XSP modifies the quantity of the item from 1 to 0 (I tested that it does). The 2nd map:part is then executed, and executes an action that calculates the subtotal for the cart by pulling the cart from the session. HERE is the strange behavior, because the quantity for the single cart item is now 1, when it should be 0 (I verified this by logging). So now the 2nd part execution finishes by generating from xml/getLineItemCosts.xsp. I actually tried pulling the cart from the session again in this code and seeing what the quantity isand it's ZERO! So my question is: If my Action executes in between the 2 XSPs and both of those output 0 for the quantity, how can the Action always see it as 1? This is what got me asking if map:parts are constructed in parallel. I'd appreciate all of your insights, Sonny From: Upayavira [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [resent] map:part's processed in parallel? Date: Sun, 10 Aug 2003 23:56:27 +0100 Sonny, I've taken a look at the source for the Aggregator. In that code there's no reference to threading, however it does use a parser to interpret the sources that the map:part nodes refer to. It is possible that those parsers are multi-threaded, and right now finding that out is beyond my level of ability. Maybe someone else can help more... Regards, Upayavira On 10 Aug 2003 at 15:02, Sonny Sukumar wrote: [I didn't get any response, so I was wondering if somebody knows about this. It would be really helpful.] Hey all, Are map:parts in a map:aggregate executed in parallel or in serial? Because I wrote one where the 2nd part should only start to be generated after the first
Re: html serializer problem
Sure, Joerg, here's the html serializer config: map:serializer logger=sitemap.serializer.html mime-type=text/html name=html pool-grow=4 pool-max=32 pool-min=4 src=org.apache.cocoon.serialization.HTMLSerializer indent=no buffer-size1024/buffer-size /map:serializer In the last transform (XSL stylesheet) before getting to the html serializer, we've also set xsl:output indent=no/, but still no luck. It doesn't seem like an indentation problem... Note that there's no whitespace between the tags before the html serializer, but most of the tags appear on their own lines when serialized!! If I could just prevent the html serializer from introducing this whitespace, this problem would be solved (I manually edited the resulting file, taking out the whitespace, and it displays correctly in IE). From: Joerg Heinicke [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: html serializer problem Date: Sat, 09 Aug 2003 03:24:30 +0200 Can you show the indent=no configuration for the serializer? Have you done it in the sitemap or in the stylesheet? Joerg Sonny Sukumar wrote: Hi guys, I'm using the HTML serializer to output an XHTML doc at the end of a pipeline, but it puts line breaks in the doc it outputs that cause IE to display the output incorrectly. For example, the XHTML doc that goes into the HTML serializer has the following in it: trtd valign=topimg height=30 width=30 src=spacer.gif border=0//td but it's serialized like this: tr td valign=top img height=30 width=30 src=myPic.gif border=0/ /td Note that I've set indent=no for the HTML serializer, but that doesn't fix this problem. I really need to fix this to get it to display correctly in IE (the browser we care most about by far). If we get the output to come without *ANY* whitespace between the tags, then that would be great. Is there any way to do this?? Thanks! Sonny - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [resent] map:part's processed in parallel?
Thanks for examining the code for me Upayavira. I saw another post in the archives explaining why it'd be too hard for the map:parts to be constructed in parallel and for no real gain (SAX events from each part coming in at random times and getting mixed up). So I'm not sure. But please take a look at my specific problem and see if there's something I'm missing (must be!): This is in the sitemap: map:match pattern=getCart map:generate src=xml/getCartInfo.xsp type=serverpages/ map:serialize type=xml/ /map:match map:match pattern=getLineItemCosts map:act type=calculate-line-item-costs/ map:generate src=xml/getLineItemCosts.xsp type=serverpages/ map:serialize type=xml/ /map:match !-- ***MAIN MATCHER*** -- map:match pattern=showCartPage map:aggregate element=cart-page map:part src=cocoon:/getCart strip-root=true/ map:part src=cocoon:/getLineItemCosts/ /map:aggregate map:serialize type=xml/ /map:match The first map:part (whose src=cocoon:/getCart) comes out fine, and within its XSP code it pulls the shopping cart from the session. The cart just has 1 item (product) in it, and that the XSP modifies the quantity of the item from 1 to 0 (I tested that it does). The 2nd map:part is then executed, and executes an action that calculates the subtotal for the cart by pulling the cart from the session. HERE is the strange behavior, because the quantity for the single cart item is now 1, when it should be 0 (I verified this by logging). So now the 2nd part execution finishes by generating from xml/getLineItemCosts.xsp. I actually tried pulling the cart from the session again in this code and seeing what the quantity isand it's ZERO! So my question is: If my Action executes in between the 2 XSPs and both of those output 0 for the quantity, how can the Action always see it as 1? This is what got me asking if map:parts are constructed in parallel. I'd appreciate all of your insights, Sonny From: Upayavira [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [resent] map:part's processed in parallel? Date: Sun, 10 Aug 2003 23:56:27 +0100 Sonny, I've taken a look at the source for the Aggregator. In that code there's no reference to threading, however it does use a parser to interpret the sources that the map:part nodes refer to. It is possible that those parsers are multi-threaded, and right now finding that out is beyond my level of ability. Maybe someone else can help more... Regards, Upayavira On 10 Aug 2003 at 15:02, Sonny Sukumar wrote: [I didn't get any response, so I was wondering if somebody knows about this. It would be really helpful.] Hey all, Are map:parts in a map:aggregate executed in parallel or in serial? Because I wrote one where the 2nd part should only start to be generated after the first has completed, but the output indicates a parallel execution instead of a serial one. For example: map:aggregate element=new-root map:part src=cocoon:/src1/ map:part src=cocoon:/src2/ /map:aggregate Here I need cocoon:/src2 to only begin its generation after cocoon:/src1 is completed. If they do go in parallel, is there any way to force the parts to be generated serially? Thanks, Sonny _ MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*. http://join.msn.com/?page=features/virus - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ STOP MORE SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
html serializer problem
Hi guys, I'm using the HTML serializer to output an XHTML doc at the end of a pipeline, but it puts line breaks in the doc it outputs that cause IE to display the output incorrectly. For example, the XHTML doc that goes into the HTML serializer has the following in it: trtd valign=topimg height=30 width=30 src=spacer.gif border=0//td but it's serialized like this: tr td valign=top img height=30 width=30 src=myPic.gif border=0/ /td Note that I've set indent=no for the HTML serializer, but that doesn't fix this problem. I really need to fix this to get it to display correctly in IE (the browser we care most about by far). If we get the output to come without *ANY* whitespace between the tags, then that would be great. Is there any way to do this?? Thanks! Sonny _ STOP MORE SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to save uploaded files?
Thanks for the tip, Geoff. The WIki doesn't seem to give me quite enough info. Step by step, my thinking is as follows: 1.) If I set autosave-uploads to false, then I have to retrieve an uploaded file from memory as a FilePartArray, correct? 2.) Assuming I now have a FilePartArray in my Cocoon action which processed the upload, I'd like to make the image file accessible for a later processing step to embed a reference to the image in the HTML doc sent back to the client. 3.) Now, it seems like that reference can only be a file path, which means the images would need to be saved to disk on the server anyway. 4.) My problem with that is that I don't want the photos to end up in server storage for good, as I don't know of a way to always get a message from the client (browser) specifying if a person is done previewing. If they end up saving the product, I'd know, but what if they just close their window? I'd appreciate your thoughts, as I'm not sure how to proceed. Sonny From: Geoff Howard [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: How to save uploaded files? Date: Tue, 05 Aug 2003 15:14:48 -0400 Search the wiki for upload Sonny Sukumar wrote: If I want to keep the autosave-uploads param = false in web.xml, then how would I save certain files that I want to? More specifically, sometimes I just want the user to be able to preview a photo next to other data but I don't want to save it. Other times I specifically want to save all form data, including the uploaded photos that come along in the multi-part form data. What's the best way to implement this dual preview/save functionality? Thanks, Sonny - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Help STOP SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
how to set default Session settings?
What I'd like is to tell Cocoon or Tomcat in some config file that I want each Session instance I create to automatically (by default) have a timeout of 4 hours. I use request.getSession(true); in dozens of places throughout my application, and I don't want to have to configure the session each time, if a session is being created for the first time. This isn't good design, since the rule sessions should time out in 4 hours in scattered all over in dozens of places. I also don't know for which pages a new session will need to be created, since I can't count on people always entering through the homepage. Thanks, Sonny _ The new MSN 8: smart spam protection and 2 months FREE* http://join.msn.com/?page=features/junkmail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]