[Yanel-dev] Login
Michael Wechner
michael.wechner at wyona.com
Sat Sep 18 22:04:32 CEST 2010
Balz Schreier wrote:
> Hi Michael,
>
> I probably went too fast over that page, I thought it only allows a
> logical grouping of policies with inheritance according to the
> hierarchical structure within the policies directory... but now I have
> seen that you can reflect the structure of a URI... it works!
good to hear
>
> I have now /de/login in the URL and
> <policyrepository>/de/login.policy:
> <usecase id="view">
> <world permission="false"/>
> </usecase>
>
> Now the login screen appears.
> Next step is to redirect.
> I have seen that Yanel provides a redirect resource...
yes :-)
Cheers
Michael
>
> Cheers
> Balz
>
>
> On Sat, Sep 18, 2010 at 12:42 AM, Michael Wechner
> <michael.wechner at wyona.com <mailto:michael.wechner at wyona.com>> wrote:
>
> Balz Schreier wrote:
>
> Hi,
>
> I am quite new to Yanel and one thing I'm still not sure at is
> the Login mechanism.:
>
> - Assume that a lot of content is public (no login required).
> - Certain areas require the user to login (either by clicking
> on a LOGIN link or by accessing a protected resource, similar
> to URLs containing "yanel.toolbar=on")
>
> 1) What possibilities are "best practices" within yanel to do
> a Login?
> 2) Do I need to implement something like
> YanelServlet.doAccessControl() for my own resources?
> 3) Shall I trigger the login screen by passing a URL parameter
> like "?myrealm.usecase=login" and if that is available the
> login process is triggered?
> 4) The Servlet Spec provides a mechanism to configure
> protected resources in the web.xml. Is there something similar
> in Yanel where one can configure URIs that should trigger the
> login mechanism?
>
> Thanks for providing some hints, I guess I'll have to go for 2).
>
>
> no, only if you want to protect parts of a page, but not if it is
> just about protecting the page itself
>
> I am happy to explain, but want to make sure you have had a look at
>
> http://127.0.0.1:8080/yanel/yanel-website/en/documentation/security/access-policies.html
>
> ?
>
> Please let me know if this documentation is unclear and if so
> which parts in particular, such
> that we can improve it.
>
> Btw, also have a look at the from scratch realm and "play" with
> it, by changing policies
>
> src/realms/from-scratch-realm-template/ac-policies/
> http://127.0.0.1:8080/yanel/from-scratch-realm/en/index.html
>
> HTH
>
> Michael
>
>
> Logout on the other hand is easy, adding "yanel.logout=true"
> to any URL.
>
> Thanks
> Cheers
> Balz
>
>
> --
> Yanel-development mailing list Yanel-development at wyona.com
> <mailto:Yanel-development at wyona.com>
> http://lists.wyona.org/cgi-bin/mailman/listinfo/yanel-development
>
>
More information about the Yanel-development
mailing list