Access Controllers

An AccessController has the responsibility to authenticate clients and to authorize requests.

<role name="org.apache.lenya.ac.AccessController"
    shorthand="access-controller"
    default-class="org.apache.lenya.ac.impl.BypassableAccessController"/>

Each AccessController component needs a type that is attached to the role attribute, separated with a slash (/). This allows you to choose an AccessController in your publication in combination with the PublicationAccessControllerResolver. The following example shows the declaration of an AccessController with the type bypassable:

<component logger="lenya.ac.accesscontroller.bypassable"
    class="org.apache.lenya.ac.impl.BypassableAccessController"
    role="org.apache.lenya.ac.AccessController/bypassable">
    ...
</component>

The DefaultAccessController combines an Authenticator, a set of Authorizers, an AccreditableManager and a PolicyManager to perform these tasks.

<component logger="lenya.ac.accesscontroller.default"
    class="org.apache.lenya.ac.impl.DefaultAccessController"
    role="org.apache.lenya.ac.AccessController/default"/>

The BypassableAccessController is a DefaultAccessController that can be bypassed for certain URL patterns. For URLs that match those patterns (regular expressions), access is granted for free.

The BypassableAccessController allows the definition of a regular expression for the public URL patterns:

<component logger="lenya.ac.accesscontroller.bypassable"
    class="org.apache.lenya.ac.impl.BypassableAccessController"
    role="org.apache.lenya.ac.AccessController/bypassable">
  <public>.*[.]css|.*[.]jpg|.*[.]gif</public>
</component>

How can I store my users in a database?

You have to implement a UserManager wich accesses the database to obtain the user information. Additionally, you have to implement an AccreditableManager which uses this UserManager. This AccreditableManager has to be declared in cocoon.xconf and assigned to your AccessController in lenya/pubs/mypub/config/ac/ac.xconf.