[Yanel-dev] Login
Michael Wechner
michael.wechner at wyona.com
Sat Sep 18 00:42:47 CEST 2010
Balz Schreier wrote:
> Hi,
>
> I am quite new to Yanel and one thing I'm still not sure at is the
> Login mechanism.:
>
> - Assume that a lot of content is public (no login required).
> - Certain areas require the user to login (either by clicking on a
> LOGIN link or by accessing a protected resource, similar to URLs
> containing "yanel.toolbar=on")
>
> 1) What possibilities are "best practices" within yanel to do a Login?
> 2) Do I need to implement something like
> YanelServlet.doAccessControl() for my own resources?
> 3) Shall I trigger the login screen by passing a URL parameter like
> "?myrealm.usecase=login" and if that is available the login process is
> triggered?
> 4) The Servlet Spec provides a mechanism to configure protected
> resources in the web.xml. Is there something similar in Yanel where
> one can configure URIs that should trigger the login mechanism?
>
> Thanks for providing some hints, I guess I'll have to go for 2).
no, only if you want to protect parts of a page, but not if it is just
about protecting the page itself
I am happy to explain, but want to make sure you have had a look at
http://127.0.0.1:8080/yanel/yanel-website/en/documentation/security/access-policies.html
?
Please let me know if this documentation is unclear and if so which
parts in particular, such
that we can improve it.
Btw, also have a look at the from scratch realm and "play" with it, by
changing policies
src/realms/from-scratch-realm-template/ac-policies/
http://127.0.0.1:8080/yanel/from-scratch-realm/en/index.html
HTH
Michael
>
> Logout on the other hand is easy, adding "yanel.logout=true" to any URL.
>
> Thanks
> Cheers
> Balz
More information about the Yanel-development
mailing list