[opencms-dev] Logoff system and session flsuh
Nick Panienski
panienski at codecentric.de
Mon Apr 7 16:41:09 CEST 2008
Seems correct to me. You can have numerous differnt user type, just let your db tell you what role the user has and log in the appropriate technical user.
--
Mit freundlichen Grüßen
Nick Panienski
IT Consultant
codecentric GmbH
Grünewalder Str. 29-31
42657 Solingen
Telefon +49 (212) 24 94 330
Fax +49 (212) 24 94 334
Mobil +49 (151) 167 06 496
eMail panienski at codecentric.de
Internet http://www.codecentric.de <http://www.codecentric.de/>
Geschäftsführer: Peter Gierse, Mirko Novakovic und Rainer Vehns Sitz der Gesellschaft: Solingen
Registergericht: Amtsgericht Wuppertal, HRB 19214
________________________________
Von: opencms-dev-bounces at opencms.org [mailto:opencms-dev-bounces at opencms.org] Im Auftrag von Territorio Jordan-V.
Gesendet: Montag, 7. April 2008 16:04
An: The OpenCms mailing list
Betreff: Re: [opencms-dev] Logoff system and session flsuh
Okay, now i see...
so to "secure" my pages i just have to use the existing technical user...
So if i understand, the only things i have to do is:
-create a manager account in opencms to log as an admin
-create a user account in opencms to log users normally, after validation using requests to external DB.
And then in my template, i just have to check if the Logged Man is a Manager or a User to make elements editable or not.
Is that correct ?
2008/4/7, Nick Panienski <panienski at codecentric.de>:
We use a concept we call "technical user". We authenticate a "real" user against the external database and if the credentials are okay we login an existing technical user in OpenCms that represents the real users permissions.
Example: John Smith logs in with username/password, trying to access a secure accounting page, the combination is checked against the db, if successfull an accounting technical user is logged in thus granting John Smith access.
--
Mit freundlichen Grüßen
Nick Panienski
IT Consultant
codecentric GmbH
Grünewalder Str. 29-31
42657 Solingen
Telefon +49 (212) 24 94 330
Fax +49 (212) 24 94 334
Mobil +49 (151) 167 06 496
eMail panienski at codecentric.de
Internet http://www.codecentric.de <http://www.codecentric.de/>
Geschäftsführer: Peter Gierse, Mirko Novakovic und Rainer Vehns Sitz der Gesellschaft: Solingen
Registergericht: Amtsgericht Wuppertal, HRB 19214
________________________________
Von: opencms-dev-bounces at opencms.org [mailto:opencms-dev-bounces at opencms.org] Im Auftrag von Territorio Jordan-V.
Gesendet: Montag, 7. April 2008 14:54
An: The OpenCms mailing list
Betreff: Re: [opencms-dev] Logoff system and session flsuh
yes but the fact is that users accounts are in an external database... so i think it's a little bit more difficult ^^
2008/4/7, Nick Panienski <panienski at codecentric.de>:
As far as I understand your needs you just have to set the resources' permission.
This is a standard OpenCms feature. Create a group, add users to that group, set groups permission on resource.
Have a look in the OpenCms Wiki for more information:
http://opencms-wiki.org/How_to_create_a_restricted_area_on_your_homepage
and
http://opencms-wiki.org/How_OpenCms_Permissions_work
HTH
Nick
--
Mit freundlichen Grüßen
Nick Panienski
IT Consultant
codecentric GmbH
Grünewalder Str. 29-31
42657 Solingen
Telefon +49 (212) 24 94 330
Fax +49 (212) 24 94 334
Mobil +49 (151) 167 06 496
eMail panienski at codecentric.de
Internet http://www.codecentric.de <http://www.codecentric.de/>
Geschäftsführer: Peter Gierse, Mirko Novakovic und Rainer Vehns Sitz der Gesellschaft: Solingen
Registergericht: Amtsgericht Wuppertal, HRB 19214
________________________________
Von: opencms-dev-bounces at opencms.org [mailto:opencms-dev-bounces at opencms.org] Im Auftrag von Territorio Jordan-V.
Gesendet: Montag, 7. April 2008 10:39
An: The OpenCms mailing list
Betreff: Re: [opencms-dev] Logoff system and session flsuh
Of course ^^
I want to create a group of pages with a private access. If people have no account he can't acces to pages, if he has an user account he can reach pages and do some forms, and he has an administrator account he can edit contents of those pages.
For the moment i just try to make that peiople whit no account can't have access to pages.
Jordan
2008/4/7, Nick Panienski <panienski at codecentric.de>:
> Maybe you have an idea about securizing a a page when you're logged or not?
Sorry, I didn't understand your second question, could you describe your other problem a little bit more detailed?
Cheers
Nick
--
Mit freundlichen Grüßen
Nick Panienski
IT Consultant
codecentric GmbH
Grünewalder Str. 29-31
42657 Solingen
Telefon +49 (212) 24 94 330
Fax +49 (212) 24 94 334
Mobil +49 (151) 167 06 496
eMail panienski at codecentric.de
Internet http://www.codecentric.de <http://www.codecentric.de/>
Geschäftsführer: Peter Gierse, Mirko Novakovic und Rainer Vehns Sitz der Gesellschaft: Solingen
Registergericht: Amtsgericht Wuppertal, HRB 19214
________________________________
Von: opencms-dev-bounces at opencms.org [mailto:opencms-dev-bounces at opencms.org] Im Auftrag von Territorio Jordan-V.
Gesendet: Freitag, 4. April 2008 16:11
An: The OpenCms mailing list
Betreff: Re: [opencms-dev] Logoff system and session flsuh
Thank you a lot, it works !
I thought there was a better way, than calling a new JSP file but finally i think it's a good thing for future purposes...
Maybe you have an idea about securizing a a page when you're logged or not?
2008/4/4, Nick Panienski <panienski at codecentric.de>:
Hi Jordan,
I recon the easiest way to do this is to invalidate the session. Just link to a logoff.jsp with the following contents:
<% session.invalidate(); response.sendRedirect("/page/that/should/be/displayed/after/logout.html"); %>
That's it.
HTH
Nick
--
Mit freundlichen Grüßen
Nick Panienski
IT Consultant
codecentric GmbH
Grünewalder Str. 29-31
42657 Solingen
Telefon +49 (212) 24 94 330
Fax +49 (212) 24 94 334
Mobil +49 (151) 167 06 496
eMail panienski at codecentric.de
Internet http://www.codecentric.de <http://www.codecentric.de/>
Geschäftsführer: Peter Gierse, Mirko Novakovic und Rainer Vehns Sitz der Gesellschaft: Solingen
Registergericht: Amtsgericht Wuppertal, HRB 19214
________________________________
Von: opencms-dev-bounces at opencms.org [mailto:opencms-dev-bounces at opencms.org] Im Auftrag von Territorio Jordan-V.
Gesendet: Freitag, 4. April 2008 15:11
An: The OpenCms mailing list
Betreff: [opencms-dev] Logoff system and session flsuh
Hi all,
I have made a login system which redirect me to a page where information about the current user are displayed. But now i'd like to put a link on the user page to log him off. But i was wondering if some tag could do it because i don't what is the correct (or best) syntax to perform this action...
I imagine that my link could send information to a java class and then all sessions variables could be flushed. Unfortunately, as i am a newbie with openCMS and JSPs, i'm a little lost...
someone could help me?
--
TERRITORIO Jordan-Victor
Ingénieur d'Intégration Java
TEAMLOG - Ingenieurs 2000
+33 6 30 66 54 69
jot at teamlog.com
_______________________________________________
This mail is sent to you from the opencms-dev mailing list
To change your list options, or to unsubscribe from the list, please visit
http://lists.opencms.org/mailman/listinfo/opencms-dev
--
TERRITORIO Jordan-Victor
Ingénieur d'Intégration Java
TEAMLOG - Ingenieurs 2000
+33 6 30 66 54 69
jot at teamlog.com
_______________________________________________
This mail is sent to you from the opencms-dev mailing list
To change your list options, or to unsubscribe from the list, please visit
http://lists.opencms.org/mailman/listinfo/opencms-dev
--
TERRITORIO Jordan-Victor
Ingénieur d'Intégration Java
TEAMLOG - Ingenieurs 2000
+33 6 30 66 54 69
jot at teamlog.com
_______________________________________________
This mail is sent to you from the opencms-dev mailing list
To change your list options, or to unsubscribe from the list, please visit
http://lists.opencms.org/mailman/listinfo/opencms-dev
--
TERRITORIO Jordan-Victor
Ingénieur d'Intégration Java
TEAMLOG - Ingenieurs 2000
+33 6 30 66 54 69
jot at teamlog.com
_______________________________________________
This mail is sent to you from the opencms-dev mailing list
To change your list options, or to unsubscribe from the list, please visit
http://lists.opencms.org/mailman/listinfo/opencms-dev
--
TERRITORIO Jordan-Victor
Ingénieur d'Intégration Java
TEAMLOG - Ingenieurs 2000
+33 6 30 66 54 69
jot at teamlog.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://webmail.opencms.org/pipermail/opencms-dev/attachments/20080407/54354cf9/attachment.htm>
More information about the opencms-dev
mailing list