Apache » Cocoon »

  Cocoon Authentication
      1.0
   homepage

Cocoon Authentication 1.0

Installation

Installing Cocoon Auth in Cocoon is very easy, just drop the Cocoon Auth jar file into Cocoon (WEB-INF/lib) and that's it (or add a dependency on cocoon-auth-impl to your pom.xml file).

The first task you have to do is to configure Cocoon Auth's application manager. By default the following bean configuration is read on startup of Cocoon:

 <!-- CoWarp's application manager: -->
  <bean name="org.apache.cocoon.auth.ApplicationManager" 
             class="org.apache.cocoon.auth.StandardApplicationManager"
  scope="singleton"/>

Sitemap Components

Cocoon Auth comes with several sitemap components that are very useful. The following three actions are available in your Cocoon application. There is no need to configure them.

      <map:action name="cauth-is-logged-in"
                  src="org.apache.cocoon.auth.acting.LoggedInAction"/>
      <map:action name="cauth-login"
                  src="org.apache.cocoon.auth.acting.LoginAction"/>
      <map:action name="cauth-logout"
                  src="org.apache.cocoon.auth.acting.LogoutAction"/>

Updating from the authentication-fw block

If you're already using the Cocoon authentication-fw block and want to update to Cocoon Auth, you can take the following steps as a starting point. However, depending on your application, there might be additional things you have to take care of!

In general, the authentication-fw block only supports the notion of a security handler (applications are possible but very rarely used). As Cocoon Auth is built around the notion of an application with an attached security handler, you need to configure both: a security handler and an application:

<bean name="org.apache.cocoon.auth.SecurityHandler/handler" 
           class="org.apache.cocoon.auth.impl.PipelineSecurityHandler"
  scope="singleton">
  <property name="authenticationResource" value="cocoon:raw:/sunrise-authuser"/>
  <property name="sourceResolver" ref="org.apache.excalibur.source.SourceResolver"/>
</bean>
<bean name="org.apache.cocoon.auth.Application/my-application" 
           class="org.apache.cocoon.auth.StandardApplication"
  scope="singleton">
  <property name="securityHandler" ref="org.apache.cocoon.auth.SecurityHandler/handler"/>
</bean>

Configure a security handler that uses a pipeline for authenticating the user and configure the pipeline - this is the same pipeline you are using with the authentication-fw. Then configure an application that uses the standard implementation and give the previously created handler as a configuration value. The next step is to change the usage of the actions - the authentication-fw block uses a set of actions starting with the prefix "auth-".

Login action

You can simply change the usage of the auth-login action to cauth-login. Rename the parameter handler to application and set the value to your previously created application.

Logout action

You can simply change the usage of the auth-logout action to cauth-logout. Rename the parameter handler to application and set the value to your previously created application.

Protect Action

You can simply change the usage of the auth-protect action to cauth-is-logged-in. Rename the parameter handler to application and set the value to your previously created application.

IsLoggedIn Action

You can simply change the usage of the auth-isloggedin action to

cauth-is-logged-in. Rename the parameter handler to

application and set the value to your previously created application.

 
Errors and Improvements? If you see any errors or potential improvements in this document please help us: View, Edit or comment on the latest development version (registration required).