User Login

The adminHandler redirects any failed authorisation to a suitable page, in this case the login.

context://admin/sitemap.xmap
<map:match pattern="login"> <map:aggregate element="root" label="aggr-content"> ... <map:part src="cocoon:/login.xml" element="content" strip-root="true"/> </map:aggregate> <map:call resource="outputPage"/> </map:match>

The key piece is the login form:

context://admin/login.xml
<form:form xmlns:form="http://www.hsfr.org.uk/Schema/Form"> <form:start url="checkLogin.html">Login</form:start> <form:field name="username" type="text">User name</form:field> <form:field name="password" type="password">Password</form:field> </form:form>

In this example I have used the simple form that I use in my pages (using my own form namespace that I use for my personal pages — you can use your own form structure as long as it is translated to the appropriate HTML). It is translated to the following HTML:

<form method="post" action="checkLogin.html"> <div class="normalPara"> User name: <input name="username" type="text" /> <br/> Password: <input name="password" type="password" /> <br/> </div> <input type="submit" value="Login"/> </form>

Note that this is not the same as the Paloose forms framework, although it could be used here. I have used the above for simplicity at this stage.

When the user press the "Login" button a request for the checkLogin.html page is made and is caught by the following matcher:

context://admin/sitemap.xmap
<map:match pattern="checkLogin.html"> <map:act type="auth-login"> <map:parameter name="handler" value="adminHandler"/> <map:parameter name="username" value="{request-param:username}"/> <map:parameter name="password" value="{request-param:password}"/> <map:redirect-to uri="cocoon:/adminIndex.html"/> <!-- Run if authorisation works --> </map:act> <map:aggregate element="root" label="aggr-content"> <!-- Run if authorisation fails --> ... <map:part src="cocoon:/loginError.xml" element="content" strip-root="true"/> </map:aggregate> <map:call resource="outputPage"/> </map:match>

The auth-login action deals with the login allowing for failed logins. In this case the latter would display the loginError.xml. The following shows the relationship of the various parts of the login code within the sitemap:

The next section deals with the logout mechanism.

Copyright 2006 – 2023 Hugh Field-Richards. All Rights Reserved.