Authentication Framework Error Handling

The authentication framework allows an authentication resource to be defined in a manner similar to:

<autentication-manager>
  <handlers>
    <!-- Now follows the handlers configuration -->
    <handler name="portalhandler">
      <!-- The login resource -->
      <redirect-to uri="cocoon:/sunspotdemoportal"/>
      <authentication uri="cocoon:raw:/sunrise-authuser"/>
    </handler>
  </handlers>
</autentication-manager>

When the authentication uri references a cocoon pipeline normally one would expect that the normal cocoon error handling using <map:handle-errors> could be used. However, this is not the case. Cocoon will ignore the <map:handle-errors> in the pipeline and handle the error internally. Instead, to be able to determine what the error was in the login page the generator, or other pipeline component, must catch the error and return a document in the format:

<authentication>
  <data>any data</data>
<authentication>

For example, if a FailedLoginException is caught then the generated document might be

<authentication>
  <data>
    <type>FailedLogin</type>
  </data>
</authentication>

The data portion of this document is then saved in the temporary context and may then be accessed in the sitemap using the session context input module like:

  <map:transform src="login.xsl">
    <map:parameter name="failure-type" value="{session-context:temporary/data/type}"/>
  </map:transform>

Note that this is NOT accessed in the same fashion as the success document where the authentication node is preserved.

AuthFWErrorHandling (last edited 2009-09-20 23:39:51 by localhost)