[opencms-dev] Logoff system and session flsuh

Territorio Jordan-V. jordan.territorio at gmail.com
Mon Apr 7 16:03:59 CEST 2008 

Okay, now i see...
so to "secure" my pages i just have to use the existing technical user...

So if i understand, the only things i have to do is:
-create a manager account in opencms to log as an admin
-create a user account in opencms to log users normally, after validation
using requests to external DB.

And then in my template, i just have to check if the Logged Man is a Manager
or a User to make elements editable or not.

Is that correct ?


2008/4/7, Nick Panienski <panienski at codecentric.de>:
>
>  We use a concept we call "technical user". We authenticate a "real" user
> against the external database and if the credentials are okay we login an
> existing technical user in OpenCms that represents the real users
> permissions.
>
> Example: John Smith logs in with username/password, trying to access a
> secure accounting page, the combination is checked against the db, if
> successfull an accounting technical user is logged in thus granting John
> Smith access.
>
> --
> Mit freundlichen Grüßen
> Nick Panienski
> IT Consultant
>
> codecentric GmbH
> Grünewalder Str. 29-31
> 42657 Solingen
>
> Telefon  +49 (212)  24 94 330
> Fax      +49 (212)  24 94 334
> Mobil    +49 (151) 167 06 496
> eMail    panienski at codecentric.de
> Internet http://www.codecentric.de
>
> Geschäftsführer: Peter Gierse, Mirko Novakovic und Rainer Vehns Sitz der
> Gesellschaft: Solingen
> Registergericht: Amtsgericht Wuppertal, HRB 19214
>
>
>  ------------------------------
> *Von:* opencms-dev-bounces at opencms.org [mailto:
> opencms-dev-bounces at opencms.org] *Im Auftrag von *Territorio Jordan-V.
> *Gesendet:* Montag, 7. April 2008 14:54
> *An:* The OpenCms mailing list
> *Betreff:* Re: [opencms-dev] Logoff system and session flsuh
>
> yes but the fact is that users accounts are in an external database... so
> i think it's a little bit more difficult ^^
>
> 2008/4/7, Nick Panienski <panienski at codecentric.de>:
> >
> >  As far as I understand your needs you just have to set the resources'
> > permission.
> >
> > This is a standard OpenCms feature. Create a group, add users to that
> > group, set groups permission on resource.
> >
> > Have a look in the OpenCms Wiki for more information:
> > http://opencms-wiki.org/How_to_create_a_restricted_area_on_your_homepage
> > and
> > http://opencms-wiki.org/How_OpenCms_Permissions_work
> >
> > HTH
> > Nick
> >
> > --
> > Mit freundlichen Grüßen
> > Nick Panienski
> > IT Consultant
> >
> > codecentric GmbH
> > Grünewalder Str. 29-31
> > 42657 Solingen
> >
> > Telefon  +49 (212)  24 94 330
> > Fax      +49 (212)  24 94 334
> > Mobil    +49 (151) 167 06 496
> > eMail    panienski at codecentric.de
> > Internet http://www.codecentric.de
> >
> > Geschäftsführer: Peter Gierse, Mirko Novakovic und Rainer Vehns Sitz der
> > Gesellschaft: Solingen
> > Registergericht: Amtsgericht Wuppertal, HRB 19214
> >
> >
> >  ------------------------------
> > *Von:* opencms-dev-bounces at opencms.org [mailto:
> > opencms-dev-bounces at opencms.org] *Im Auftrag von *Territorio Jordan-V.
> > *Gesendet:* Montag, 7. April 2008 10:39
> > *An:* The OpenCms mailing list
> > *Betreff:* Re: [opencms-dev] Logoff system and session flsuh
> >
> >  Of course ^^
> > I want to create a group of pages with a private access. If people have
> > no account he can't acces to pages, if he has an user account he can reach
> > pages and do some forms, and he has an administrator account he can edit
> > contents of those pages.
> >
> > For the moment i just try to make that peiople whit no account can't
> > have access to pages.
> >
> > Jordan
> >
> > 2008/4/7, Nick Panienski <panienski at codecentric.de>:
> > >
> > >  > Maybe you have an idea about securizing a a page when you're logged
> > > or not?
> > > Sorry, I didn't understand your second question, could you describe
> > > your other problem a little bit more detailed?
> > >
> > > Cheers
> > > Nick
> > >
> > > --
> > > Mit freundlichen Grüßen
> > > Nick Panienski
> > > IT Consultant
> > >
> > > codecentric GmbH
> > > Grünewalder Str. 29-31
> > > 42657 Solingen
> > >
> > > Telefon  +49 (212)  24 94 330
> > > Fax      +49 (212)  24 94 334
> > > Mobil    +49 (151) 167 06 496
> > > eMail    panienski at codecentric.de
> > > Internet http://www.codecentric.de
> > >
> > > Geschäftsführer: Peter Gierse, Mirko Novakovic und Rainer Vehns Sitz
> > > der Gesellschaft: Solingen
> > > Registergericht: Amtsgericht Wuppertal, HRB 19214
> > >
> > >
> > >  ------------------------------
> > > *Von:* opencms-dev-bounces at opencms.org [mailto:
> > > opencms-dev-bounces at opencms.org] *Im Auftrag von *Territorio Jordan-V.
> > > *Gesendet:* Freitag, 4. April 2008 16:11
> > > *An:* The OpenCms mailing list
> > > *Betreff:* Re: [opencms-dev] Logoff system and session flsuh
> > >
> > >  Thank you a lot, it works !
> > > I thought there was a better way, than calling a new JSP file but
> > > finally i think it's a good thing for future purposes...
> > >
> > > Maybe you have an idea about securizing a a page when you're logged or
> > > not?
> > >
> > > 2008/4/4, Nick Panienski <panienski at codecentric.de>:
> > > >
> > > >  Hi Jordan,
> > > >
> > > > I recon the easiest way to do this is to invalidate the session.
> > > > Just link to a logoff.jsp with the following contents:
> > > >
> > > > <% session.invalidate();
> > > > response.sendRedirect("/page/that/should/be/displayed/after/logout.html");
> > > > %>
> > > >
> > > > That's it.
> > > >
> > > > HTH
> > > > Nick
> > > >
> > > > --
> > > > Mit freundlichen Grüßen
> > > > Nick Panienski
> > > > IT Consultant
> > > >
> > > > codecentric GmbH
> > > > Grünewalder Str. 29-31
> > > > 42657 Solingen
> > > >
> > > > Telefon  +49 (212)  24 94 330
> > > > Fax      +49 (212)  24 94 334
> > > > Mobil    +49 (151) 167 06 496
> > > > eMail    panienski at codecentric.de
> > > > Internet http://www.codecentric.de
> > > >
> > > > Geschäftsführer: Peter Gierse, Mirko Novakovic und Rainer Vehns Sitz
> > > > der Gesellschaft: Solingen
> > > > Registergericht: Amtsgericht Wuppertal, HRB 19214
> > > >
> > > >
> > > >  ------------------------------
> > > > *Von:* opencms-dev-bounces at opencms.org [mailto:
> > > > opencms-dev-bounces at opencms.org] *Im Auftrag von *Territorio
> > > > Jordan-V.
> > > > *Gesendet:* Freitag, 4. April 2008 15:11
> > > > *An:* The OpenCms mailing list
> > > > *Betreff:* [opencms-dev] Logoff system and session flsuh
> > > >
> > > >  Hi all,
> > > >
> > > > I have made a login system which redirect me to a page where
> > > > information about the current user are displayed. But now i'd like to put a
> > > > link on the user page to log him off. But i was wondering if some tag could
> > > > do it because i don't what is the correct (or best) syntax to perform this
> > > > action...
> > > >
> > > > I imagine that my link could send information to a java class and
> > > > then all sessions variables could be flushed. Unfortunately, as i am a
> > > > newbie with openCMS and JSPs, i'm a little lost...
> > > >
> > > > someone could help me?
> > > >
> > > >
> > > > --
> > > > TERRITORIO Jordan-Victor
> > > > Ingénieur d'Intégration Java
> > > > TEAMLOG – Ingenieurs 2000
> > > >
> > > > +33 6 30 66 54 69
> > > > jot at teamlog.com
> > > >
> > > >
> > > >
> > > > _______________________________________________
> > > > This mail is sent to you from the opencms-dev mailing list
> > > > To change your list options, or to unsubscribe from the list, please
> > > > visit
> > > > http://lists.opencms.org/mailman/listinfo/opencms-dev
> > > >
> > >
> > >
> > >
> > > --
> > > TERRITORIO Jordan-Victor
> > > Ingénieur d'Intégration Java
> > > TEAMLOG – Ingenieurs 2000
> > >
> > > +33 6 30 66 54 69
> > > jot at teamlog.com
> > >
> > >
> > >
> > > _______________________________________________
> > > This mail is sent to you from the opencms-dev mailing list
> > > To change your list options, or to unsubscribe from the list, please
> > > visit
> > > http://lists.opencms.org/mailman/listinfo/opencms-dev
> > >
> >
> >
> >
> > --
> > TERRITORIO Jordan-Victor
> > Ingénieur d'Intégration Java
> > TEAMLOG – Ingenieurs 2000
> >
> > +33 6 30 66 54 69
> > jot at teamlog.com
> >
> >
> >
> > _______________________________________________
> > This mail is sent to you from the opencms-dev mailing list
> > To change your list options, or to unsubscribe from the list, please
> > visit
> > http://lists.opencms.org/mailman/listinfo/opencms-dev
> >
>
>
>
> --
> TERRITORIO Jordan-Victor
> Ingénieur d'Intégration Java
> TEAMLOG – Ingenieurs 2000
>
> +33 6 30 66 54 69
> jot at teamlog.com
>
>
>
> _______________________________________________
> This mail is sent to you from the opencms-dev mailing list
> To change your list options, or to unsubscribe from the list, please visit
> http://lists.opencms.org/mailman/listinfo/opencms-dev
>



-- 
TERRITORIO Jordan-Victor
Ingénieur d'Intégration Java
TEAMLOG – Ingenieurs 2000

+33 6 30 66 54 69
jot at teamlog.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://webmail.opencms.org/pipermail/opencms-dev/attachments/20080407/6fbfcf88/attachment.htm>

More information about the opencms-dev mailing list