[opencms-dev] Logoff system and session flsuh

Mon Apr 7 16:41:09 CEST 2008

Seems correct to me. You can have numerous differnt user type, just let your db tell you what role the user has and log in the appropriate technical user.

--
Mit freundlichen Grüßen
Nick Panienski
IT Consultant

codecentric GmbH
Grünewalder Str. 29-31
42657 Solingen

Telefon  +49 (212)  24 94 330
Fax      +49 (212)  24 94 334
Mobil    +49 (151) 167 06 496
eMail    panienski at codecentric.de
Internet http://www.codecentric.de <http://www.codecentric.de/> 

Geschäftsführer: Peter Gierse, Mirko Novakovic und Rainer Vehns Sitz der Gesellschaft: Solingen
Registergericht: Amtsgericht Wuppertal, HRB 19214 

________________________________

	Von: opencms-dev-bounces at opencms.org [mailto:opencms-dev-bounces at opencms.org] Im Auftrag von Territorio Jordan-V.
	Gesendet: Montag, 7. April 2008 16:04
	An: The OpenCms mailing list
	Betreff: Re: [opencms-dev] Logoff system and session flsuh

	Okay, now i see...
	so to "secure" my pages i just have to use the existing technical user...

	So if i understand, the only things i have to do is:
	-create a manager account in opencms to log as an admin
	-create a user account in opencms to log users normally, after validation using requests to external DB.

	And then in my template, i just have to check if the Logged Man is a Manager or a User to make elements editable or not.

	Is that correct ?

	2008/4/7, Nick Panienski <panienski at codecentric.de>: 

		We use a concept we call "technical user". We authenticate a "real" user against the external database and if the credentials are okay we login an existing technical user in OpenCms that represents the real users permissions.

		Example: John Smith logs in with username/password, trying to access a secure accounting page, the combination is checked against the db, if successfull an accounting technical user is logged in thus granting John Smith access.
		--
		Mit freundlichen Grüßen
		Nick Panienski
		IT Consultant

		codecentric GmbH
		Grünewalder Str. 29-31
		42657 Solingen

		Telefon  +49 (212)  24 94 330
		Fax      +49 (212)  24 94 334
		Mobil    +49 (151) 167 06 496
		eMail    panienski at codecentric.de
		Internet http://www.codecentric.de <http://www.codecentric.de/> 

		Geschäftsführer: Peter Gierse, Mirko Novakovic und Rainer Vehns Sitz der Gesellschaft: Solingen
		Registergericht: Amtsgericht Wuppertal, HRB 19214 

________________________________

			Von: opencms-dev-bounces at opencms.org [mailto:opencms-dev-bounces at opencms.org] Im Auftrag von Territorio Jordan-V.
			Gesendet: Montag, 7. April 2008 14:54 

			An: The OpenCms mailing list
			Betreff: Re: [opencms-dev] Logoff system and session flsuh

			yes but the fact is that users accounts are in an external database... so i think it's a little bit more difficult ^^

			2008/4/7, Nick Panienski <panienski at codecentric.de>: 

				As far as I understand your needs you just have to set the resources' permission.

				This is a standard OpenCms feature. Create a group, add users to that group, set groups permission on resource.

				Have a look in the OpenCms Wiki for more information:
				http://opencms-wiki.org/How_to_create_a_restricted_area_on_your_homepage
				and
				http://opencms-wiki.org/How_OpenCms_Permissions_work

				HTH
				Nick

				--
				Mit freundlichen Grüßen
				Nick Panienski
				IT Consultant

				codecentric GmbH
				Grünewalder Str. 29-31
				42657 Solingen

				Telefon  +49 (212)  24 94 330
				Fax      +49 (212)  24 94 334
				Mobil    +49 (151) 167 06 496
				eMail    panienski at codecentric.de
				Internet http://www.codecentric.de <http://www.codecentric.de/> 

				Geschäftsführer: Peter Gierse, Mirko Novakovic und Rainer Vehns Sitz der Gesellschaft: Solingen
				Registergericht: Amtsgericht Wuppertal, HRB 19214 

________________________________

					Von: opencms-dev-bounces at opencms.org [mailto:opencms-dev-bounces at opencms.org] Im Auftrag von Territorio Jordan-V.
					Gesendet: Montag, 7. April 2008 10:39 

					An: The OpenCms mailing list
					Betreff: Re: [opencms-dev] Logoff system and session flsuh

					Of course ^^
					I want to create a group of pages with a private access. If people have no account he can't acces to pages, if he has an user account he can reach pages and do some forms, and he has an administrator account he can edit contents of those pages.

					For the moment i just try to make that peiople whit no account can't have access to pages.

					Jordan

					2008/4/7, Nick Panienski <panienski at codecentric.de>: 

					> Maybe you have an idea about securizing a a page when you're logged or not?
					Sorry, I didn't understand your second question, could you describe your other problem a little bit more detailed?

					Cheers

					Nick

					--
					Mit freundlichen Grüßen
					Nick Panienski
					IT Consultant

					codecentric GmbH
					Grünewalder Str. 29-31
					42657 Solingen

					Telefon  +49 (212)  24 94 330
					Fax      +49 (212)  24 94 334
					Mobil    +49 (151) 167 06 496
					eMail    panienski at codecentric.de
					Internet http://www.codecentric.de <http://www.codecentric.de/> 

					Geschäftsführer: Peter Gierse, Mirko Novakovic und Rainer Vehns Sitz der Gesellschaft: Solingen
					Registergericht: Amtsgericht Wuppertal, HRB 19214 

________________________________

					Von: opencms-dev-bounces at opencms.org [mailto:opencms-dev-bounces at opencms.org] Im Auftrag von Territorio Jordan-V.
					Gesendet: Freitag, 4. April 2008 16:11
					An: The OpenCms mailing list
					Betreff: Re: [opencms-dev] Logoff system and session flsuh

					Thank you a lot, it works !
					I thought there was a better way, than calling a new JSP file but finally i think it's a good thing for future purposes...

					Maybe you have an idea about securizing a a page when you're logged or not?

					2008/4/4, Nick Panienski <panienski at codecentric.de>: 

					Hi Jordan,

					I recon the easiest way to do this is to invalidate the session. Just link to a logoff.jsp with the following contents:

					<% session.invalidate(); response.sendRedirect("/page/that/should/be/displayed/after/logout.html"); %>

					That's it.

					HTH
					Nick

					--
					Mit freundlichen Grüßen
					Nick Panienski
					IT Consultant

					codecentric GmbH
					Grünewalder Str. 29-31
					42657 Solingen

					Telefon  +49 (212)  24 94 330
					Fax      +49 (212)  24 94 334
					Mobil    +49 (151) 167 06 496
					eMail    panienski at codecentric.de
					Internet http://www.codecentric.de <http://www.codecentric.de/> 

					Geschäftsführer: Peter Gierse, Mirko Novakovic und Rainer Vehns Sitz der Gesellschaft: Solingen
					Registergericht: Amtsgericht Wuppertal, HRB 19214 

________________________________

					Von: opencms-dev-bounces at opencms.org [mailto:opencms-dev-bounces at opencms.org] Im Auftrag von Territorio Jordan-V.
					Gesendet: Freitag, 4. April 2008 15:11
					An: The OpenCms mailing list
					Betreff: [opencms-dev] Logoff system and session flsuh

					Hi all,

					I have made a login system which redirect me to a page where information about the current user are displayed. But now i'd like to put a link on the user page to log him off. But i was wondering if some tag could do it because i don't what is the correct (or best) syntax to perform this action...

					I imagine that my link could send information to a java class and then all sessions variables could be flushed. Unfortunately, as i am a newbie with openCMS and JSPs, i'm a little lost...

					someone could help me?

					-- 
					TERRITORIO Jordan-Victor
					Ingénieur d'Intégration Java
					TEAMLOG - Ingenieurs 2000

					+33 6 30 66 54 69
					jot at teamlog.com 

					_______________________________________________
					This mail is sent to you from the opencms-dev mailing list
					To change your list options, or to unsubscribe from the list, please visit
					http://lists.opencms.org/mailman/listinfo/opencms-dev

					-- 
					TERRITORIO Jordan-Victor
					Ingénieur d'Intégration Java
					TEAMLOG - Ingenieurs 2000

					+33 6 30 66 54 69
					jot at teamlog.com 

					_______________________________________________
					This mail is sent to you from the opencms-dev mailing list
					To change your list options, or to unsubscribe from the list, please visit
					http://lists.opencms.org/mailman/listinfo/opencms-dev

					-- 
					TERRITORIO Jordan-Victor
					Ingénieur d'Intégration Java
					TEAMLOG - Ingenieurs 2000

					+33 6 30 66 54 69
					jot at teamlog.com 

				_______________________________________________
				This mail is sent to you from the opencms-dev mailing list
				To change your list options, or to unsubscribe from the list, please visit
				http://lists.opencms.org/mailman/listinfo/opencms-dev

			-- 
			TERRITORIO Jordan-Victor
			Ingénieur d'Intégration Java
			TEAMLOG - Ingenieurs 2000

			+33 6 30 66 54 69
			jot at teamlog.com 

		_______________________________________________
		This mail is sent to you from the opencms-dev mailing list
		To change your list options, or to unsubscribe from the list, please visit
		http://lists.opencms.org/mailman/listinfo/opencms-dev

	-- 
	TERRITORIO Jordan-Victor
	Ingénieur d'Intégration Java
	TEAMLOG - Ingenieurs 2000

	+33 6 30 66 54 69
	jot at teamlog.com 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://webmail.opencms.org/pipermail/opencms-dev/attachments/20080407/54354cf9/attachment.htm>