Dear Helena,
- the specification of the mechanism for authentication is specified in
server.xml.
In particular, look for the different example realm sections.
- the specification of the authorisation can be specified in web.xml.
In particular, in the security-constraint section you can specify
a) a web-resource-collection section which specifies a url-pattern
b) an auth-constraint section which specifies a sequence of roles.
In login-config you have to specify the authentication method.
In security-roles you have to list the different roles used in the
auth-constraint sections.
Best regards,
Gunther
Helena Edelson wrote:
That should work,
are you saying to handle auth in server.xml and parts in web.xml?
thank you.
helena
Gunther Sablon wrote:
Hi,
we are running forrest as a webapp in Tomcat.
We use the authentication mechanisms of Tomcat:
- before we had users in tomcat_users.xml; currently they are in
LDAP (can be setup in server.xml)
- web.xml specifies the parts of the site that need authentication.
There is no connection to the sitemap, so maybe I have misunderstood
your question...
Best regards,
Gunther
Helena Edelson wrote:
thanks. will do.
i am also working on i18n stuff. when i figure it out,
i was thinking it might be helpful to write a how to.
everything so far seems
fractured in terms of the steps to take to implement.
there are many if then's and info is everywhere, from
docs to jira to cocoon docs..
helena
Ross Gardler wrote:
Helena Edelson wrote:
Is there any way using sitemap to manage user roles
via a login to control roles
access to app pages for user_role_a
disallow access for user_role_b type of thing?
Depends on whether you are running in dynamic mode or not.
In static mode you would have to use the mechanisms provided by
your web server for protecting access to certain resources. On the
Apache HTTPD server that would be using .htaccess files.
In this case you simply provide the relevant .htaccess files
along with your XDocs and they will (theoretically) be copied over
when you build the site. I say theoretically because I have not,
personally, tried this. Let us know if you try it and it works
(preferably in the form of a contribution to our docs).
If you are running in dynamic mode you can, theoretically, use the
Cocoon Authentication framework [1]. Again, I say theoretically
because I'm not aware of anyone having done this yet. If you
want to go this route then it is really a dev topic, so please move
this to the dev list where we can help guide you and (hopefully)
you can write us a How-To on making it work.
Ross
[1] http://cocoon.apache.org/2.1/developing/webapps/authentication.html
--
Gunther Sablon
Luciad ** Parijsstraat 74 ** 3000 Leuven
tel: +32 / 16 / 26 28 30
mailto:[EMAIL PROTECTED]
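
The web.xml layout described at the top of this thread (security-constraint with url-pattern and auth-constraint, plus login-config and declared roles), shown as an added example that is not from any participant or from the Tomcat or Forrest projects. The sample descriptor is constructed, its URL pattern, realm name and the role `editor` are assumptions, and the script checks that every role used in a constraint is declared and that an authentication method is configured.

```python
import xml.etree.ElementTree as ET

# Constructed sample web.xml (not from the thread); path, realm and "editor" are hypothetical.
SAMPLE_WEB_XML = """<web-app xmlns="http://java.sun.com/xml/ns/j2ee" version="2.4">
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Internal docs</web-resource-name>
      <url-pattern>/internal/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>user_role_a</role-name>
      <role-name>editor</role-name>
    </auth-constraint>
  </security-constraint>
  <login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>Forrest site</realm-name>
  </login-config>
  <security-role>
    <role-name>user_role_a</role-name>
  </security-role>
</web-app>"""

def audit_web_xml(xml_text):
    """Return protected URL patterns, the auth method, and consistency findings."""
    root = ET.fromstring(xml_text)
    for el in root.iter():
        el.tag = el.tag.rsplit("}", 1)[-1]  # drop the namespace so paths stay simple
    declared = {r.text.strip() for r in root.findall("security-role/role-name")}
    protected, used = [], set()
    for sc in root.findall("security-constraint"):
        patterns = [u.text.strip() for u in sc.findall("web-resource-collection/url-pattern")]
        roles = [r.text.strip() for r in sc.findall("auth-constraint/role-name")]
        protected.append((patterns, roles))
        used.update(roles)
    method = root.findtext("login-config/auth-method")
    # "*" in an auth-constraint means "any declared role", so it needs no declaration.
    findings = [f"role '{r}' used but not declared in security-role"
                for r in sorted(used - declared - {"*"})]
    if protected and not method:
        findings.append("security-constraint present but no login-config/auth-method")
    return {"protected": protected, "auth_method": method, "findings": findings}

if __name__ == "__main__":
    for key, value in audit_web_xml(SAMPLE_WEB_XML).items():
        print(key, "=", value)
```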