[Yanel-dev] Login

Balz Schreier balz.schreier at gmail.com
Sat Sep 18 01:54:11 CEST 2010 

Hi Michael,

I probably went too fast over that page, I thought it only allows a logical
grouping of policies with inheritance according to the hierarchical
structure within the policies directory... but now I have seen that you can
reflect the structure of a URI... it works!

I have now /de/login in the URL and
<policyrepository>/de/login.policy:
  <usecase id=3D"view">
    <world permission=3D"false"/>
  </usecase>

Now the login screen appears.
Next step is to redirect.
I have seen that Yanel provides a redirect resource...

Cheers
Balz


On Sat, Sep 18, 2010 at 12:42 AM, Michael Wechner <michael.wechner at wyona.com
> wrote:

> Balz Schreier wrote:
>
>> Hi,
>>
>> I am quite new to Yanel and one thing I'm still not sure at is the Login
>> mechanism.:
>>
>> - Assume that a lot of content is public (no login required).
>> - Certain areas require the user to login (either by clicking on a LOGIN
>> link or by accessing a protected resource, similar to URLs containing
>> "yanel.toolbar=3Don")
>>
>> 1) What possibilities are "best practices" within yanel to do a Login?
>> 2) Do I need to implement something like YanelServlet.doAccessControl()
>> for my own resources?
>> 3) Shall I trigger the login screen by passing a URL parameter like
>> "?myrealm.usecase=3Dlogin" and if that is available the login process is
>> triggered?
>> 4) The Servlet Spec provides a mechanism to configure protected resources
>> in the web.xml. Is there something similar in Yanel where one can config=
ure
>> URIs that should trigger the login mechanism?
>>
>> Thanks for providing some hints, I guess I'll have to go for 2).
>>
>
> no, only if you want to protect parts of a page, but not if it is just
> about protecting the page itself
>
> I am happy to explain, but want to make sure you have had a look at
>
>
> http://127.0.0.1:8080/yanel/yanel-website/en/documentation/security/acces=
s-policies.html
>
> ?
>
> Please let me know if this documentation is unclear and if so which parts
> in particular, such
> that we can improve it.
>
> Btw, also have a look at the from scratch realm and "play" with it, by
> changing policies
>
> src/realms/from-scratch-realm-template/ac-policies/
> http://127.0.0.1:8080/yanel/from-scratch-realm/en/index.html
>
> HTH
>
> Michael
>
>
>> Logout on the other hand is easy, adding "yanel.logout=3Dtrue" to any UR=
L.
>>
>> Thanks
>> Cheers
>> Balz
>>
>
> --
> Yanel-development mailing list Yanel-development at wyona.com
> http://lists.wyona.org/cgi-bin/mailman/listinfo/yanel-development
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.wyona.org/pipermail/yanel-development/attachments/2010091=
8/24057137/attachment.htm

More information about the Yanel-development mailing list