org.apache.cocoon.acting
Class DatabaseAuthenticatorAction
java.lang.Object
org.apache.avalon.framework.logger.AbstractLogEnabled
org.apache.cocoon.acting.AbstractAction
org.apache.cocoon.acting.AbstractConfigurableAction
org.apache.cocoon.acting.ConfigurableServiceableAction
org.apache.cocoon.acting.AbstractComplementaryConfigurableAction
org.apache.cocoon.acting.AbstractDatabaseAction
org.apache.cocoon.acting.DatabaseAuthenticatorAction
- All Implemented Interfaces:
- Disposable, Component, Configurable, LogEnabled, Serviceable, ThreadSafe, Action
public class DatabaseAuthenticatorAction
- extends AbstractDatabaseAction
- implements ThreadSafe
This action is used to authenticate user by comparing several request
fields (username, password) with the values in database. The description of
the process is given via external xml description file simiar to the one
used for all actions derived from AbstractDatabaseAction.
<root>
<connection>personnel</connection>
<table name="users_table>
<select dbcol="username" request-param="username"
to-session="username"/>
<select dbcol="password" request-param="password"
nullable="yes"/>
<select dbcol="role" to-session="role" type="string"/>
<select dbcol="skin" to-session="skin" type="string"/>
</table>
</root>
The values specified via "request-param" describe the name of HTTP request
parameter, "dbcol" indicates matching database column, "nullable" means
that request-param which is null or empty will not be included in the WHERE
clause. This way you can enable accounts with empty passwords, etc.
"to-session" attribute indicates under which name the value obtained from
database should be stored in the session. Of course new session is created
when authorization is successfull. The "type" attribute can be either
string, long or double and alters the type of object stored in session.
Additionally all parameters that are
propagated to the session are made available to the sitemap via {name}
expression.
If there is no need to touch the session object, providing just one-time
verification, you can specify action parameter "create-session" to "no" or
"false". No values are then propagated to the sesion and session object is
not verified.
- Version:
- CVS $Id: DatabaseAuthenticatorAction.html 1304258 2012-03-23 10:09:27Z ilgrosso $
- Author:
- Martin Man
| Fields inherited from interface org.apache.cocoon.acting.Action |
ROLE |
| Methods inherited from class org.apache.cocoon.acting.AbstractDatabaseAction |
buildList, buildList, dispose, getColumn, getDataSource, getRequestAttribute, isLargeObject, service, setColumn, setColumn, setColumn, setColumn, setRequestAttribute |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
DatabaseAuthenticatorAction
public DatabaseAuthenticatorAction()
act
public Map act(Redirector redirector,
SourceResolver resolver,
Map objectModel,
String src,
Parameters parameters)
throws Exception
- Main invocation routine.
- Specified by:
act in interface Action
resolver - The SourceResolver in chargeobjectModel - The Map with object of the
calling environment which can be used
to select values this controller may need
(ie Request, Response).src - A source String to the Actionparameters - The Parameters for this invocation
- Returns:
- Map The returned
Map object with
sitemap substitution values which can be used
in subsequent elements attributes like src=
using a xpath like expression: src="mydir/{myval}/foo"
If the return value is null the processing inside
the element of the sitemap will
be skipped.
- Throws:
Exception - Indicates something is totally wrong
Copyright © 1999-2010 The Apache Software Foundation. All Rights Reserved.