apache > cocoon

Authentication Framework: User Management

In addition to the authentication, the framework manages all kinds of information belonging to the user. For this reason the framework creates its own session context called authentication. All information is stored in this context in an XML structure.

The authentication information (the "authentication" scheme retrieved from the authentication resource) is stored in this context, so you can retrieve and change the information using the session transformer and the usual getxml, setxml etc. commands, so we suggest you to read the session context document.

The authentication context is only available to the session transformer if the pipeline in which the transformer is running, is associated with the (authentication) handler. Or putting it in other words, you have to use the auth-project action in that pipeline. Otherwise the authentication context is not available.

Getting information from the context

Each element from the context is gettable using an XML tag:

<session:getxml context="authentication" path="/authentication/ID"/> <!-- Get the ID -->
<session:getxml context="authentication" path="/authentication/data/username"/>

The path expression is an absolute XPath-like expression where only concrete nodes and attributes are allowed. The session transformer replaces the tag with the value of the first node found in the context, this can either be text or XML.

Setting information in the context

Using another tag, information can be stored into the context:

<session:setxml context="authentication" path="/authentication/data/usersername">
    Mr. Sunshine

The path is an absolute XPath-like expression where only concrete nodes and attributes are allowed. If the requested node exists, the framework changes the value of that node. If the node does not exists, the framework adds it to the context with the given value.

The tag is removed from the resource before it is passed to the next component in the pipeline.