| <?xml version="1.0"?> |
| <!-- |
| Licensed to the Apache Software Foundation (ASF) under one or more |
| contributor license agreements. See the NOTICE file distributed with |
| this work for additional information regarding copyright ownership. |
| The ASF licenses this file to You under the Apache License, Version 2.0 |
| (the "License"); you may not use this file except in compliance with |
| the License. You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, software |
| distributed under the License is distributed on an "AS IS" BASIS, |
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| See the License for the specific language governing permissions and |
| limitations under the License. |
| --> |
| |
| <!--+ |
| | Authentication block samples sitemap. |
| | |
| | CVS $Id$ |
| +--> |
| |
| <map:sitemap xmlns:map="http://apache.org/cocoon/sitemap/1.0"> |
| |
| <!-- =========================== Pipelines ================================= --> |
| <map:pipelines> |
| <map:component-configurations> |
| <authentication-manager> |
| <handlers> |
| <!-- A handler is responsible for protecting documents (pipelines). |
| The handler requires three configuration values. One of them is |
| a unique name that is used as a reference for the handler. |
| The other values are documented inline below. |
| --> |
| <handler name="demohandler"> |
| <!-- The redirect-to configuration defines a pipeline that is called |
| whenever a not authenticated user tries to access a protected |
| document (pipeline) --> |
| <redirect-to uri="cocoon:/login"/> |
| <!-- The authentication configuration defines the authentication process. |
| In this example, an internal pipeline "authenticate" is called. |
| This pipeline gets all necessary information like user name and |
| password as parameters and tries to authenticate this user. |
| On successful authentication the pipeline delivers a specific |
| XML format. |
| --> |
| <authentication uri="cocoon:raw:/authenticate"/> |
| <!-- In addition you can specifiy a logout-uri parameter above. Then |
| the pipeline denoted by that parameter is called on logout. |
| --> |
| </handler> |
| </handlers> |
| </authentication-manager> |
| </map:component-configurations> |
| |
| <map:pipeline> |
| <map:match pattern="flow/**"> |
| <map:mount src="flow.xmap" uri-prefix="flow" check-reloads="true"/> |
| </map:match> |
| |
| <map:match pattern=""> |
| <map:redirect-to uri="login"/> |
| </map:match> |
| |
| <!-- ================= --> |
| <!-- Simple login page --> |
| <!-- ================= --> |
| <map:match pattern="login"> |
| <!-- if we are already logged in, redirect to the protected document --> |
| <map:act type="auth-loggedIn"> |
| <map:parameter name="handler" value="demohandler"/> |
| <map:redirect-to uri="protected"/> |
| </map:act> |
| <map:generate src="docs/login.xml"/> |
| <map:transform src="stylesheets/simple-page2html.xsl"/> |
| <map:transform type="encodeURL"/> |
| <map:serialize/> |
| </map:match> |
| |
| <!-- ========================================= --> |
| <!-- Form target which performs auth service --> |
| <!-- ========================================= --> |
| <map:match pattern="do-login"> |
| <!-- try to login --> |
| <map:act type="auth-login"> |
| <map:parameter name="handler" value="demohandler"/> |
| <map:parameter name="parameter_name" value="{request-param:username}"/> |
| <map:redirect-to uri="protected"/> |
| </map:act> |
| <!-- something was wrong, try it again --> |
| <map:redirect-to uri="login"/> |
| </map:match> |
| |
| <!-- ================ --> |
| <!-- Protected area --> |
| <!-- ================ --> |
| <map:match pattern="protected"> |
| <map:act type="auth-protect"> |
| <map:parameter name="handler" value="demohandler"/> |
| |
| <map:generate src="docs/protected.xml"/> |
| <map:transform type="session"/> |
| <map:transform src="stylesheets/simple-page2html.xsl"/> |
| <map:transform type="encodeURL"/> |
| <map:serialize/> |
| </map:act> |
| <!-- something was wrong, redirect to login page --> |
| <map:redirect-to uri="login"/> |
| </map:match> |
| |
| <!-- ========================================= --> |
| <!-- Logout link which invalidates the session --> |
| <!-- ========================================= --> |
| <map:match pattern="do-logout"> |
| <map:act type="auth-protect"> |
| <map:parameter name="handler" value="demohandler"/> |
| |
| <map:act type="auth-logout"/> |
| </map:act> |
| <map:redirect-to uri="login"/> |
| </map:match> |
| </map:pipeline> |
| |
| <map:pipeline internal-only="true"> |
| <!-- This is the authentication resource --> |
| <map:match pattern="authenticate"> |
| <map:generate src="docs/userlist.xml"/> |
| <map:transform src="stylesheets/authenticate.xsl"> |
| <map:parameter name="use-request-parameters" value="true"/> |
| </map:transform> |
| <map:serialize type="xml"/> |
| </map:match> |
| </map:pipeline> |
| |
| </map:pipelines> |
| </map:sitemap> |