User Login
The adminHandler redirects any failed authorisation to a
suitable page, in this case the login.
context://admin/sitemap.xmap
<map:match pattern="login">
<map:aggregate element="root" label="aggr-content">
...
<map:part src="cocoon:/login.xml" element="content" strip-root="true"/>
</map:aggregate>
<map:call resource="outputPage"/>
</map:match>
The key piece is the login form:
context://admin/login.xml
<form:form xmlns:form="http://www.hsfr.org.uk/Schema/Form">
<form:start url="checkLogin.html">Login</form:start>
<form:field name="username" type="text">User name</form:field>
<form:field name="password" type="password">Password</form:field>
</form:form>
In this example I have used the simple form that I use in my pages (using my own form
namespace that I use for my personal pages — you can use your own form structure
as long as it is translated to the appropriate HTML). It is translated to the following
HTML:
<form method="post" action="checkLogin.html">
<div class="normalPara">
User name: <input name="username" type="text" />
<br/>
Password: <input name="password" type="password" />
<br/>
</div>
<input type="submit" value="Login"/>
</form>
Note that this is not the same as the Paloose forms framework, although it
could be used here. I have used the above for simplicity at this stage.
When the user press the "Login" button a request for the checkLogin.html page is made and is caught by the following matcher:
context://admin/sitemap.xmap
<map:match pattern="checkLogin.html">
<map:act type="auth-login">
<map:parameter name="handler" value="adminHandler"/>
<map:parameter name="username" value="{request-param:username}"/>
<map:parameter name="password" value="{request-param:password}"/>
<map:redirect-to uri="cocoon:/adminIndex.html"/> <!-- Run if authorisation works -->
</map:act>
<map:aggregate element="root" label="aggr-content"> <!-- Run if authorisation fails -->
...
<map:part src="cocoon:/loginError.xml" element="content" strip-root="true"/>
</map:aggregate>
<map:call resource="outputPage"/>
</map:match>
The auth-login action deals with the login allowing for
failed logins. In this case the latter would display the loginError.xml. The following shows the relationship of the various parts of
the login code within the sitemap:
The next
section deals with the logout mechanism.
Copyright 2006 – 2023 Hugh Field-Richards. All Rights
Reserved.