org.apache.cocoon.acting
Class DatabaseCookieAuthenticatorAction
java.lang.Object
org.apache.avalon.framework.logger.AbstractLogEnabled
org.apache.cocoon.acting.AbstractAction
org.apache.cocoon.acting.AbstractConfigurableAction
org.apache.cocoon.acting.ConfigurableServiceableAction
org.apache.cocoon.acting.AbstractComplementaryConfigurableAction
org.apache.cocoon.acting.AbstractDatabaseAction
org.apache.cocoon.acting.DatabaseCookieAuthenticatorAction
- All Implemented Interfaces:
- Disposable, Component, Configurable, LogEnabled, Serviceable, ThreadSafe, Action
public class DatabaseCookieAuthenticatorAction
- extends AbstractDatabaseAction
- implements ThreadSafe
This action is used to authenticate user by comparing several cookie values
(username, password) with the values in database. The description of the
process is given via external xml description file simiar to the one used
for all actions derived from AbstractDatabaseAction.
<root>
<connection>personnel</connection>
<table name="users_table>
<select dbcol="username" cookie-name="username"
to-session="username"/>
<select dbcol="password" cookie-name="password"
nullable="yes"/>
<select dbcol="role" to-session="role" type="string"/>
<select dbcol="skin" to-session="skin" type="string"/>
</table>
</root>
The values specified via "cookie-name" describe the name of the
cookie, "dbcol" indicates matching database column, "nullable" means that
cookie-name which is null or empty will not be included in the WHERE clause.
This way you can enable accounts with empty passwords, etc. "to-session"
attribute indicates under which name the value obtained from database should
be stored in the session. Of course new session is created when
authorization is successfull. The "type" attribute can be either string,
long or double and alters the type of object stored in session. Additionally
all parameters that are propagated to the session are made available to the
sitemap via {name} expression. If there is no need to touch the session
object, providing just one-time verification, you can specify action
parameter "create-session" to "no" or "false". No values are then propagated
to the sesion and session object is not verified. If you want to append
attributes to the session without creating a new one, specify action
parameter "append-session" to "yes" or "true".
- Version:
- CVS $Id: DatabaseCookieAuthenticatorAction.html 1304258 2012-03-23 10:09:27Z ilgrosso $
- Author:
- Paolo Scaffardi
Fields inherited from interface org.apache.cocoon.acting.Action |
ROLE |
Methods inherited from class org.apache.cocoon.acting.AbstractDatabaseAction |
buildList, buildList, dispose, getColumn, getDataSource, getRequestAttribute, isLargeObject, service, setColumn, setColumn, setColumn, setColumn, setRequestAttribute |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
DatabaseCookieAuthenticatorAction
public DatabaseCookieAuthenticatorAction()
act
public Map act(Redirector redirector,
SourceResolver resolver,
Map objectModel,
String src,
Parameters parameters)
throws Exception
- Main invocation routine.
- Specified by:
act
in interface Action
- Parameters:
redirector
- Description of Parameterresolver
- Description of ParameterobjectModel
- Description of Parametersrc
- Description of Parameterparameters
- Description of Parameter
- Returns:
- Description of the Returned Value
- Throws:
Exception
- Description of Exception
getCookie
public static Cookie getCookie(Map objectModel,
String cookieName)
Copyright © 1999-2010 The Apache Software Foundation. All Rights Reserved.