Hi all,
Here's a question I'm hoping somebody knows an answer to. I've experimenting with cocoon, which of course is excellent at doing things like remapping xml files so that users think they are reading a file in html, and the like. The Digital Medievalist site is in fact produced using cocoon which transforms the underlying xml.
What I need to be able to do is use passwords to protect this site. I've read up on cocoon's authentication model, including the sample code. But they don't give examples with kind of authentication backend I'm most familiar with .htpasswd (or any at all, really).
Does anybody have experience with cocoon's authentication, particularly using an easy-to-set-up authentication backend (and even better .htpasswd)? I appreciate any suggestions, especially since, as this project is in pre-funding mode, I'll have to learn any system proposed rather than having the money to hire somebody who knows what they are doing.
-dan
I have been told that the Python Djano web framework is really good at providing an authentication system out of the box, and I know that Peter Robinson has been recasting his old Anastasia publishing system as a Django application with a Berkeley xml database as its back end.
A possible solution?
Might On Aug 25, 2009, at 11:14 PM, Daniel Paul O'Donnell wrote:
Hi all,
Here's a question I'm hoping somebody knows an answer to. I've experimenting with cocoon, which of course is excellent at doing things like remapping xml files so that users think they are reading a file in html, and the like. The Digital Medievalist site is in fact produced using cocoon which transforms the underlying xml.
What I need to be able to do is use passwords to protect this site. I've read up on cocoon's authentication model, including the sample code. But they don't give examples with kind of authentication backend I'm most familiar with .htpasswd (or any at all, really).
Does anybody have experience with cocoon's authentication, particularly using an easy-to-set-up authentication backend (and even better .htpasswd)? I appreciate any suggestions, especially since, as this project is in pre-funding mode, I'll have to learn any system proposed rather than having the money to hire somebody who knows what they are doing.
-dan
-- Daniel Paul O'Donnell Associate Professor of English University of Lethbridge
Chair and CEO, Text Encoding Initiative (http://www.tei-c.org/) Co-Chair, Digital Initiatives Advisory Board, Medieval Academy of America President-elect (English), Society for Digital Humanities/Société pour l'étude des médias interactifs (http://sdh-semi.org/) Founding Director (2003-2009), Digital Medievalist Project (http://www.digitalmedievalist.org/ )
Vox: +1 403 329-2377 Fax: +1 403 382-7191 (non-confidental) Home Page: http://people.uleth.ca/~daniel.odonnell/
Digital Medievalist -- http://www.digitalmedievalist.org/ Journal: http://www.digitalmedievalist.org/journal/ Journal Editors: editors _AT_ digitalmedievalist.org News: http://www.digitalmedievalist.org/news/ Wiki: http://www.digitalmedievalist.org/wiki/ Discussion list: dm-l@uleth.ca Change list options: http://listserv.uleth.ca/mailman/listinfo/dm-l
Thanks Martin!
I'm worried that might be too complicated: I've got a really basic system in cocoon set up so that researchers on a project can see xml files in HTML and people with various skill sets can make changes where they are comfortable. The whole thing is updated every couple of minutes from a central subversion repository (it is actually all just a clone with some teaks of the DM site, reapplied to an editorial project [thanks James!]).
I'd be worried about the time involved in learning a new language and set of protocols at this early stage in the process, where all we are looking for is a way of protecting an otherwise perfectly functioning research site. As my stealing everything from DM suggests, it is at this moment the quickest, least learning intensive solution I'm looking for.
But then I've never worked with Python, so maybe I'm being crazy.
-dan
Martin Mueller wrote:
I have been told that the Python Djano web framework is really good at providing an authentication system out of the box, and I know that Peter Robinson has been recasting his old Anastasia publishing system as a Django application with a Berkeley xml database as its back end.
A possible solution?
Might On Aug 25, 2009, at 11:14 PM, Daniel Paul O'Donnell wrote:
Hi all,
Here's a question I'm hoping somebody knows an answer to. I've experimenting with cocoon, which of course is excellent at doing things like remapping xml files so that users think they are reading a file in html, and the like. The Digital Medievalist site is in fact produced using cocoon which transforms the underlying xml.
What I need to be able to do is use passwords to protect this site. I've read up on cocoon's authentication model, including the sample code. But they don't give examples with kind of authentication backend I'm most familiar with .htpasswd (or any at all, really).
Does anybody have experience with cocoon's authentication, particularly using an easy-to-set-up authentication backend (and even better .htpasswd)? I appreciate any suggestions, especially since, as this project is in pre-funding mode, I'll have to learn any system proposed rather than having the money to hire somebody who knows what they are doing.
-dan
-- Daniel Paul O'Donnell Associate Professor of English University of Lethbridge
Chair and CEO, Text Encoding Initiative (http://www.tei-c.org/) Co-Chair, Digital Initiatives Advisory Board, Medieval Academy of America President-elect (English), Society for Digital Humanities/Société pour l'étude des médias interactifs (http://sdh-semi.org/) Founding Director (2003-2009), Digital Medievalist Project (http://www.digitalmedievalist.org/)
Vox: +1 403 329-2377 Fax: +1 403 382-7191 (non-confidental) Home Page: http://people.uleth.ca/~daniel.odonnell/
Digital Medievalist -- http://www.digitalmedievalist.org/ Journal: http://www.digitalmedievalist.org/journal/ Journal Editors: editors _AT_ digitalmedievalist.org News: http://www.digitalmedievalist.org/news/ Wiki: http://www.digitalmedievalist.org/wiki/ Discussion list: dm-l@uleth.ca Change list options: http://listserv.uleth.ca/mailman/listinfo/dm-l
Hi Dan,
I don't think Cocoon supports anything as simple as .htaccess, but my experience with it is a bit dated. It isn't terribly hard to set up an authentication system for it if you know Java--basically you create some sort of Action that does your authentication/authorization and then wrap the pipelines you want protected in that.
You get a lot out of the box with frameworks like Django, but I think you're right that there would be a lot to learn and rebuild if you've already got a working system.
So if your needs are simple right now, why not just use .htpasswd? It's fairly easy to set up Apache as a front to Tomcat, using mod_jk (see http://tomcat.apache.org/connectors-doc/generic_howto/ quick.html), and then you can do it the way you're used to.
Hugh
On Aug 26, 2009, at 12:44 AM, Daniel Paul O'Donnell wrote:
Thanks Martin!
I'm worried that might be too complicated: I've got a really basic system in cocoon set up so that researchers on a project can see xml files in HTML and people with various skill sets can make changes where they are comfortable. The whole thing is updated every couple of minutes from a central subversion repository (it is actually all just a clone with some teaks of the DM site, reapplied to an editorial project [thanks James!]).
I'd be worried about the time involved in learning a new language and set of protocols at this early stage in the process, where all we are looking for is a way of protecting an otherwise perfectly functioning research site. As my stealing everything from DM suggests, it is at this moment the quickest, least learning intensive solution I'm looking for.
But then I've never worked with Python, so maybe I'm being crazy.
-dan
Martin Mueller wrote:
I have been told that the Python Djano web framework is really good at providing an authentication system out of the box, and I know that Peter Robinson has been recasting his old Anastasia publishing system as a Django application with a Berkeley xml database as its back end.
A possible solution?
Might On Aug 25, 2009, at 11:14 PM, Daniel Paul O'Donnell wrote:
Hi all,
Here's a question I'm hoping somebody knows an answer to. I've experimenting with cocoon, which of course is excellent at doing things like remapping xml files so that users think they are reading a file in html, and the like. The Digital Medievalist site is in fact produced using cocoon which transforms the underlying xml.
What I need to be able to do is use passwords to protect this site. I've read up on cocoon's authentication model, including the sample code. But they don't give examples with kind of authentication backend I'm most familiar with .htpasswd (or any at all, really).
Does anybody have experience with cocoon's authentication, particularly using an easy-to-set-up authentication backend (and even better .htpasswd)? I appreciate any suggestions, especially since, as this project is in pre-funding mode, I'll have to learn any system proposed rather than having the money to hire somebody who knows what they are doing.
-dan
-- Daniel Paul O'Donnell Associate Professor of English University of Lethbridge
Chair and CEO, Text Encoding Initiative (http://www.tei-c.org/) Co-Chair, Digital Initiatives Advisory Board, Medieval Academy of America President-elect (English), Society for Digital Humanities/Société pour l'étude des médias interactifs (http://sdh-semi.org/) Founding Director (2003-2009), Digital Medievalist Project (http://www.digitalmedievalist.org/ )
Vox: +1 403 329-2377 Fax: +1 403 382-7191 (non-confidental) Home Page: http://people.uleth.ca/~daniel.odonnell/
Digital Medievalist -- http://www.digitalmedievalist.org/ Journal: http://www.digitalmedievalist.org/journal/ Journal Editors: editors _AT_ digitalmedievalist.org News: http://www.digitalmedievalist.org/news/ Wiki: http://www.digitalmedievalist.org/wiki/ Discussion list: dm-l@uleth.ca Change list options: http://listserv.uleth.ca/mailman/listinfo/dm-l
-- Daniel Paul O'Donnell Associate Professor of English University of Lethbridge
Chair and CEO, Text Encoding Initiative (http://www.tei-c.org/) Co-Chair, Digital Initiatives Advisory Board, Medieval Academy of America President-elect (English), Society for Digital Humanities/Société pour l'étude des médias interactifs (http://sdh-semi.org/) Founding Director (2003-2009), Digital Medievalist Project (http://www.digitalmedievalist.org/ )
Vox: +1 403 329-2377 Fax: +1 403 382-7191 (non-confidental) Home Page: http://people.uleth.ca/~daniel.odonnell/
Digital Medievalist -- http://www.digitalmedievalist.org/ Journal: http://www.digitalmedievalist.org/journal/ Journal Editors: editors _AT_ digitalmedievalist.org News: http://www.digitalmedievalist.org/news/ Wiki: http://www.digitalmedievalist.org/wiki/ Discussion list: dm-l@uleth.ca Change list options: http://listserv.uleth.ca/mailman/listinfo/dm-l
Hi Hugh,
I'm using cocoon, because the researchers on the project (including me) need different views of the underlying XML depending on what their interests are, and it is easy in cocoon to create an extensible URL-based pipeline for all the different possibilities.: my first choice was, as always, just a straight Apache XML site, but we needed the flexibility for this.
Cocoon has had a module that does basically what you suggest below since 2.1--I spent a lot of time looking up pre-2.1 ways of doing things before discovering this! The real question is whether there is an off-the-shelf backend I can point it to that doesn't require me to do a lot of programming or learning new systems.
Thanks very much!
-dan
Hugh Cayless wrote:
Hi Dan,
I don't think Cocoon supports anything as simple as .htaccess, but my experience with it is a bit dated. It isn't terribly hard to set up an authentication system for it if you know Java--basically you create some sort of Action that does your authentication/authorization and then wrap the pipelines you want protected in that.
You get a lot out of the box with frameworks like Django, but I think you're right that there would be a lot to learn and rebuild if you've already got a working system.
So if your needs are simple right now, why not just use .htpasswd? It's fairly easy to set up Apache as a front to Tomcat, using mod_jk (see http://tomcat.apache.org/connectors-doc/generic_howto/quick.html), and then you can do it the way you're used to.
Hugh
On Aug 26, 2009, at 12:44 AM, Daniel Paul O'Donnell wrote:
Thanks Martin!
I'm worried that might be too complicated: I've got a really basic system in cocoon set up so that researchers on a project can see xml files in HTML and people with various skill sets can make changes where they are comfortable. The whole thing is updated every couple of minutes from a central subversion repository (it is actually all just a clone with some teaks of the DM site, reapplied to an editorial project [thanks James!]).
I'd be worried about the time involved in learning a new language and set of protocols at this early stage in the process, where all we are looking for is a way of protecting an otherwise perfectly functioning research site. As my stealing everything from DM suggests, it is at this moment the quickest, least learning intensive solution I'm looking for.
But then I've never worked with Python, so maybe I'm being crazy.
-dan
Martin Mueller wrote:
I have been told that the Python Djano web framework is really good at providing an authentication system out of the box, and I know that Peter Robinson has been recasting his old Anastasia publishing system as a Django application with a Berkeley xml database as its back end.
A possible solution?
Might On Aug 25, 2009, at 11:14 PM, Daniel Paul O'Donnell wrote:
Hi all,
Here's a question I'm hoping somebody knows an answer to. I've experimenting with cocoon, which of course is excellent at doing things like remapping xml files so that users think they are reading a file in html, and the like. The Digital Medievalist site is in fact produced using cocoon which transforms the underlying xml.
What I need to be able to do is use passwords to protect this site. I've read up on cocoon's authentication model, including the sample code. But they don't give examples with kind of authentication backend I'm most familiar with .htpasswd (or any at all, really).
Does anybody have experience with cocoon's authentication, particularly using an easy-to-set-up authentication backend (and even better .htpasswd)? I appreciate any suggestions, especially since, as this project is in pre-funding mode, I'll have to learn any system proposed rather than having the money to hire somebody who knows what they are doing.
-dan
-- Daniel Paul O'Donnell Associate Professor of English University of Lethbridge
Chair and CEO, Text Encoding Initiative (http://www.tei-c.org/) Co-Chair, Digital Initiatives Advisory Board, Medieval Academy of America President-elect (English), Society for Digital Humanities/Société pour l'étude des médias interactifs (http://sdh-semi.org/) Founding Director (2003-2009), Digital Medievalist Project (http://www.digitalmedievalist.org/)
Vox: +1 403 329-2377 Fax: +1 403 382-7191 (non-confidental) Home Page: http://people.uleth.ca/~daniel.odonnell/
Digital Medievalist -- http://www.digitalmedievalist.org/ Journal: http://www.digitalmedievalist.org/journal/ Journal Editors: editors _AT_ digitalmedievalist.org News: http://www.digitalmedievalist.org/news/ Wiki: http://www.digitalmedievalist.org/wiki/ Discussion list: dm-l@uleth.ca Change list options: http://listserv.uleth.ca/mailman/listinfo/dm-l
-- Daniel Paul O'Donnell Associate Professor of English University of Lethbridge
Chair and CEO, Text Encoding Initiative (http://www.tei-c.org/) Co-Chair, Digital Initiatives Advisory Board, Medieval Academy of America President-elect (English), Society for Digital Humanities/Société pour l'étude des médias interactifs (http://sdh-semi.org/) Founding Director (2003-2009), Digital Medievalist Project (http://www.digitalmedievalist.org/)
Vox: +1 403 329-2377 Fax: +1 403 382-7191 (non-confidental) Home Page: http://people.uleth.ca/~daniel.odonnell/
Digital Medievalist -- http://www.digitalmedievalist.org/ Journal: http://www.digitalmedievalist.org/journal/ Journal Editors: editors _AT_ digitalmedievalist.org News: http://www.digitalmedievalist.org/news/ Wiki: http://www.digitalmedievalist.org/wiki/ Discussion list: dm-l@uleth.ca Change list options: http://listserv.uleth.ca/mailman/listinfo/dm-l
Hi Dan,
I'm assuming you've looked at http://cocoon.apache.org/2.1/developing/webapps/authentication.html and the sections beneath it in the left-hand menu? I believe one should be able to handle the authentication and authorization entirely in cocoon. I've only set it up in the context of eXist where you are authenticating against the users in the eXist database.
-James
On Wed, Aug 26, 2009 at 17:16, Daniel Paul O'Donnelldaniel.odonnell@gmail.com wrote:
Hi Hugh,
I'm using cocoon, because the researchers on the project (including me) need different views of the underlying XML depending on what their interests are, and it is easy in cocoon to create an extensible URL-based pipeline for all the different possibilities.: my first choice was, as always, just a straight Apache XML site, but we needed the flexibility for this.
Cocoon has had a module that does basically what you suggest below since 2.1--I spent a lot of time looking up pre-2.1 ways of doing things before discovering this! The real question is whether there is an off-the-shelf backend I can point it to that doesn't require me to do a lot of programming or learning new systems.
Thanks very much!
-dan
Hi James,
Yes indeed, I've been following that. Unless I'm nuts though, cocoon's framework is a framework that passes the authentication work itself (i.e. the password checking) to an external application, be that LDAP, or whatever. The examples are all very general.
I'll go through it to double check that I've not misread something when I get back from camping. But as far as I'm aware it passes something off in very much the way Hugh suggested he'd build it if it didn't exist.
-dan
James Cummings wrote:
Hi Dan,
I'm assuming you've looked at http://cocoon.apache.org/2.1/developing/webapps/authentication.html and the sections beneath it in the left-hand menu? I believe one should be able to handle the authentication and authorization entirely in cocoon. I've only set it up in the context of eXist where you are authenticating against the users in the eXist database.
-James
On Wed, Aug 26, 2009 at 17:16, Daniel Paul O'Donnelldaniel.odonnell@gmail.com wrote:
Hi Hugh,
I'm using cocoon, because the researchers on the project (including me) need different views of the underlying XML depending on what their interests are, and it is easy in cocoon to create an extensible URL-based pipeline for all the different possibilities.: my first choice was, as always, just a straight Apache XML site, but we needed the flexibility for this.
Cocoon has had a module that does basically what you suggest below since 2.1--I spent a lot of time looking up pre-2.1 ways of doing things before discovering this! The real question is whether there is an off-the-shelf backend I can point it to that doesn't require me to do a lot of programming or learning new systems.
Thanks very much!
-dan
Digital Medievalist -- http://www.digitalmedievalist.org/ Journal: http://www.digitalmedievalist.org/journal/ Journal Editors: editors _AT_ digitalmedievalist.org News: http://www.digitalmedievalist.org/news/ Wiki: http://www.digitalmedievalist.org/wiki/ Discussion list: dm-l@uleth.ca Change list options: http://listserv.uleth.ca/mailman/listinfo/dm-l
-
Daniel Paul O'Donnell -
Hugh Cayless -
James Cummings -
Martin Mueller