I'm using a prebuilt Lenya 1.2.5.  I'm trying to *not* have to write code
to do this.

I'm doing a non-public site for a local club in my area that I want to have
members sign on before even seeing any content.  I'd essentially like to
deny the world, even localhost, unless they first authenticate.

Below is what I'm working with.  I'm sorry if I omitted anything, I just
could not make sense of the security mechanism enough to know what's
relevant.

An example URL I'd like blocked is:
http://localhost:8888/MembersOnly/live/Welcome.html


lenya/pubs/MembersOnly/config/ac/policies/live/Welcome/subtree-policy.acml
lenya/pubs/MembersOnly/config/ac/policies/live/subtree-policy.acml
lenya/pubs/MembersOnly/config/ac/policies/subtree-policy.acml

Each of the above looks like this:

<policy xmlns="http://apache.org/cocoon/lenya/ac/1.0">

  <world>
    <role id="visit" method="deny"/>
  </world>

</policy>

My ac.xconf looks like:

<access-controller type="bypassable">

  <accreditable-manager type="file">
    <parameter name="directory"
value="context:///lenya/pubs/MembersOnly/config/ac/passwd"/>

    <user-manager>
       <user-type class="org.apache.lenya.ac.file.FileUser"
create-use-case="userAddUser">Local User</user-type>
       <!-- uncomment the following line if you want LDAP support -->
       <!-- <user-type class="org.apache.lenya.ac.ldap.LDAPUser"
create-use-case="userAddUserLdap">LDAP User</user-type> -->
    </user-manager>
  </accreditable-manager>

  <policy-manager type="document">
    <policy-manager type="file">
      <parameter name="directory"
value="context:///lenya/pubs/MembersOnly/config/ac/policies"/>
    </policy-manager>
  </policy-manager>

  <authorizer type="policy"/>

  <authorizer type="usecase">
      <parameter name="configuration"
value="context:///lenya/pubs/MembersOnly/config/ac/usecase-policies.xml"/>
  </authorizer>

  <authorizer type="workflow"/>

</access-controller>

---------- Log file snippet -------
24995 2013-10-12 00:31:35,383 [PoolThread-4] DEBUG
lenya.ac.cache.get():161  - Caching object
[org.apache.lenya.ac.impl.DefaultPolicy@65089d7] for further requests of
[file:/C:/java/eclipse/ClubSoftware/Lenya/lenya/pubs/MembersOnly/config/ac/policies/live/Welcome/subtree-policy.acml].

24996 2013-10-12 00:31:35,384 [PoolThread-4] DEBUG
lenya.ac.policymanager.file.buildPolicy():149  - Policy exists: [true]

24996 2013-10-12 00:31:35,384 [PoolThread-4] DEBUG
lenya.ac.authorizer.policy.saveRoles():156  - Adding roles [ visit ] to
request [org.apache.cocoon.environment.http.HttpRequest@2457c24c]

24996 2013-10-12 00:31:35,384 [PoolThread-4] DEBUG
lenya.ac.authorizer.policy.authorize():111  - Authorized: true

24996 2013-10-12 00:31:35,384 [PoolThread-4] DEBUG
lenya.ac.accesscontroller.bypassable.authorize():121  - Authorizer
[org.apache.lenya.ac.impl.PolicyAuthorizer@6566aa35] returned [true]

24996 2013-10-12 00:31:35,384 [PoolThread-4] DEBUG
lenya.ac.accesscontroller.bypassable.authorize():108  -
---------------------------------------------------------

24996 2013-10-12 00:31:35,384 [PoolThread-4] DEBUG
lenya.ac.accesscontroller.bypassable.authorize():109  - Invoking authorizer
[org.apache.lenya.cms.ac.usecase.UsecaseAuthorizer@26456721]

24997 2013-10-12 00:31:35,385 [PoolThread-4] DEBUG
lenya.ac.authorizer.usecase.authorize():104  - No usecase to authorize.
Granting access.

24997 2013-10-12 00:31:35,385 [PoolThread-4] DEBUG
lenya.ac.accesscontroller.bypassable.authorize():121  - Authorizer
[org.apache.lenya.cms.ac.usecase.UsecaseAuthorizer@26456721] returned [true]

24997 2013-10-12 00:31:35,385 [PoolThread-4] DEBUG
lenya.ac.accesscontroller.bypassable.authorize():108  -
---------------------------------------------------------

24997 2013-10-12 00:31:35,385 [PoolThread-4] DEBUG
lenya.ac.accesscontroller.bypassable.authorize():109  - Invoking authorizer
[org.apache.lenya.cms.ac.workflow.WorkflowAuthorizer@7e1b0beb]

24997 2013-10-12 00:31:35,385 [PoolThread-4] DEBUG
lenya.ac.authorizer.workflow.authorize():69  - Authorizing workflow for
event [null]

24997 2013-10-12 00:31:35,385 [PoolThread-4] DEBUG
lenya.ac.accesscontroller.bypassable.authorize():121  - Authorizer
[org.apache.lenya.cms.ac.workflow.WorkflowAuthorizer@7e1b0beb] returned
[true]

24997 2013-10-12 00:31:35,385 [PoolThread-4] DEBUG
lenya.ac.accesscontroller.bypassable.authorize():130  -
=========================================================

24997 2013-10-12 00:31:35,385 [PoolThread-4] DEBUG
lenya.ac.accesscontroller.bypassable.authorize():131  - Authorization
complete, result: [true]

24998 2013-10-12 00:31:35,386 [PoolThread-4] DEBUG
lenya.ac.accesscontroller.bypassable.authorize():132  -
=========================================================

24998 2013-10-12 00:31:35,386 [PoolThread-4] DEBUG
sitemap.decommission():342  - ComponentFactory decommissioning instance of
org.apache.lenya.cms.cocoon.acting.DelegatingAuthorizerAction.
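
An added example, not part of the original post and not Lenya code: a Python sketch that condenses a DEBUG authorization trace like the one above into the roles attached to the request, each authorizer's verdict, and the final result. The names `unwrap` and `summarize_authz` are hypothetical; the sample records are copied from the log above, still mail-wrapped.

```python
import re

# Constructed sample: five records copied from the log above, still mail-wrapped.
SAMPLE = """\
24996 2013-10-12 00:31:35,384 [PoolThread-4] DEBUG
lenya.ac.authorizer.policy.saveRoles():156  - Adding roles [ visit ] to
request [org.apache.cocoon.environment.http.HttpRequest@2457c24c]
24996 2013-10-12 00:31:35,384 [PoolThread-4] DEBUG
lenya.ac.accesscontroller.bypassable.authorize():121  - Authorizer
[org.apache.lenya.ac.impl.PolicyAuthorizer@6566aa35] returned [true]
24997 2013-10-12 00:31:35,385 [PoolThread-4] DEBUG
lenya.ac.accesscontroller.bypassable.authorize():121  - Authorizer
[org.apache.lenya.cms.ac.usecase.UsecaseAuthorizer@26456721] returned [true]
24997 2013-10-12 00:31:35,385 [PoolThread-4] DEBUG
lenya.ac.accesscontroller.bypassable.authorize():121  - Authorizer
[org.apache.lenya.cms.ac.workflow.WorkflowAuthorizer@7e1b0beb] returned
[true]
24997 2013-10-12 00:31:35,385 [PoolThread-4] DEBUG
lenya.ac.accesscontroller.bypassable.authorize():131  - Authorization
complete, result: [true]
"""

RECORD_START = re.compile(r"^\d+ \d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d{3} \[")
ROLES = re.compile(r"saveRoles\(\):\d+\s+- Adding roles \[([^\]]*)\]")
VERDICT = re.compile(r"Authorizer \[([\w.$]+)@[0-9a-f]+\] returned \[(true|false)\]")
FINAL = re.compile(r"Authorization complete, result: \[(true|false)\]")

def unwrap(text):
    # Re-join records wrapped across lines: a record starts with "<ms> <date> <time> [".
    records = []
    for line in filter(None, map(str.strip, text.splitlines())):
        if RECORD_START.match(line) or not records:
            records.append(line)
        else:
            records[-1] += " " + line
    return records

def summarize_authz(text):
    # Collect the roles granted, each authorizer's verdict (in order), and the outcome.
    summary = {"roles": [], "verdicts": [], "result": None}
    for rec in unwrap(text):
        if m := ROLES.search(rec):
            summary["roles"] += m.group(1).split()
        elif m := VERDICT.search(rec):
            summary["verdicts"].append((m.group(1).rsplit(".", 1)[-1], m.group(2) == "true"))
        elif m := FINAL.search(rec):
            summary["result"] = m.group(1) == "true"
    return summary
```

Calling `summarize_authz(SAMPLE)` shows the role `visit` attached to the request and all three authorizers configured in ac.xconf returning true for the unauthenticated request.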
