Search:

Apache » Lenya
project logo
  • Project
  • Developer
  • Community
  • Version 2.2
  • Version 2.0
  • Version 1.2
  • Version 1.2
    • Installation
      • Download
      • Subversion Access
      • Install Instructions
    • Tutorial
      • Introduction
      • 1. Understanding Lenya
      • 2. Installing Lenya
      • 3. Anatomy of the Pipeline
      • 4. Editing in Lenya
      • 5. Custom Navigation in Lenya
      • 6a. Mod Proxy and Lenya
      • 6b. Mod Proxy and Lenya
    • How-To
      • FAQ
      • New Publication
      • Deploy Publication
      • Look and Feel
      • Custom Resource Type
      • Adding Mime Types
      • Site Navigation
      • LDAP Authentication
      • CMS Menus
      • CMS Screens
      • Search Publications
      • External Data
      • Unit Tests
    • Components
      • Access Control
        • Basic Terms
        • Access Controllers
        • Access Controller Resolvers
        • Authenticators
        • Authorizers
        • Policies and Policy Managers
        • Accreditable Managers
        • SSL Encryption
      • Authoring
        • Adding a new document creator
        • Image Upload
        • OpenOffice
      • Deployment
        • Proxying
      • Editors
        • HTML Form Editor
        • HTML One Form Editor
        • Bitflux Editor
        • Kupu
        • Xopus
      • Layout
        • Navigation
        • XHTML templating
        • Serving static resources
        • Lenya Menubar
      • Publication
        • PageEnvelopeModule
        • Site tree
      • Resource Types
        • Resource Types
      • Revision Control
        • Revision Controller
        • RCML
        • Check In
        • Check Out
        • Revisions
        • Rollback
      • Repository
        • WebDAV Servers
      • Search
        • Searching with Lucene
      • URI Handling
        • URI Parametrizer
        • URI Scheme
        • Usecases
      • Asset Management
        • Asset Management
      • Link Management
        • Link Management
      • Meta Data
        • Meta Data Handling
      • Multilingual Documents
        • Multilingual Document Handling
      • Tasks
        • The Task Concept
        • Defining Tasks
        • The TaskAction
        • Scheduling a Task
        • Included tasks
          • AntTask
          • DefaultFilePublisher
          • StaticHTMLExporter
          • MailTask
        • Developing Tasks
      • Workflow
        • Terms
        • The State Machine
        • Configuration
        • Implementation
      • Site Management
        • Archive
        • Copy
        • Deactivate
        • Delete
        • Delete the trash
        • Move
        • Move Up/Down
        • Rename
        • Restore
    • Miscellaneous
      • Namespaces
      • Reserved Names
      • XInclude Processor
    • 1.2 API (Javadoc)

Current Event

Meeting Bad Säckingen 2009

Built with Apache Lenya

Access Controllers

Table of Contents
  • Introduction
  • Defining the Role in lenya.roles
  • Declaring an AccessController in cocoon.xconf
  • Default Access Controller
  • Bypassable Access Controller
  • Customizing Access Control

Introduction

An AccessController has the responsibility to authenticate clients and to authorize requests.

Defining the Role in lenya.roles

<role name="org.apache.lenya.ac.AccessController"
    shorthand="access-controller"
    default-class="org.apache.lenya.ac.impl.BypassableAccessController"/>

Declaring an AccessController in cocoon.xconf

Each AccessController component needs a type that is attached to the role attribute, separated with a slash (/). This allows you to choose an AccessController in your publication in combination with the PublicationAccessControllerResolver. The following example shows the declaration of an AccessController with the type bypassable: 

<component logger="lenya.ac.accesscontroller.bypassable"
    class="org.apache.lenya.ac.impl.BypassableAccessController"
    role="org.apache.lenya.ac.AccessController/bypassable">
    ...
</component>

Default Access Controller

The DefaultAccessController combines an Authenticator, a set of Authorizers, an AccreditableManager and a PolicyManager to perform these tasks.

<component logger="lenya.ac.accesscontroller.default"
    class="org.apache.lenya.ac.impl.DefaultAccessController"
    role="org.apache.lenya.ac.AccessController/default"/>

Bypassable Access Controller

The BypassableAccessController is a DefaultAccessController that can be bypassed for certain URL patterns. For URLs that match those patterns (regular expressions), access is granted for free.

The BypassableAccessController allows the definition of a regular expression for the public URL patterns: 

<component logger="lenya.ac.accesscontroller.bypassable"
    class="org.apache.lenya.ac.impl.BypassableAccessController"
    role="org.apache.lenya.ac.AccessController/bypassable">
  <public>.*[.]css|.*[.]jpg|.*[.]gif</public>
</component>

Customizing Access Control

How can I store my users in a database?

You have to implement a UserManager wich accesses the database to obtain the user information. Additionally, you have to implement an AccreditableManager which uses this UserManager. This AccreditableManager has to be declared in cocoon.xconf and assigned to your AccessController in lenya/pubs/mypub/config/ac/ac.xconf.

Copyright © 1999-2009 The Apache Software Foundation. All rights reserved.