PDA

View Full Version : using a custom constraint in 4.0


sayap
04-13-2010, 08:54 AM
May I know what's the syntax to put in a custom constraint in 4.0 resin-web.xml?

http://www.caucho.com/resin-3.0/config/webapp.xtp#constraint doesn't seem to work anymore, and I couldn't find the documentation for 4.0

emil
04-15-2010, 12:36 AM
Hi sayap,

The Resin 4.0 docs should be up again soon, but to answer your question, you can construct constraints using our new integrated rewrite & security framework. For example, if you wanted to restrict a page based on the remote user, you might do:


<web-app xmlns="http://caucho.com/ns/resin"
xmlns:resin="urn:java:com.caucho.resin">

<resin:Forbidden regexp="/harry">
<resin:Not>
<resin:IfRemoteUser value="harry"/>
</resin:Not>
</resin:Forbidden>

<resin:XmlAuthenticator>
<user>harry:H83FykjQaBwvqjGRyIRUHQ==:user</user>
</resin:XmlAuthenticator>

<resin:BasicLogin realm-name='global'/>

</web-app>


If you need a custom predicate, you can write one by implementing com.caucho.rewrite.RequestPredicate (http://www.caucho.com/resin-javadoc/com/caucho/rewrite/RequestPredicate.html), then using a <resin:Redirect> or <resin:Forbidden> tag to respond.

Let me know if that covers the case you had in mind. If not, I can give more specific suggestions.

Take care,
Emil

sayap
04-15-2010, 04:30 AM
Hi Emil,

I have created a class implementing com.caucho.rewrite.RequestPredicate. It works perfect :D

Thanks for your help.

sayap
04-15-2010, 06:27 AM
I got a related question. In my application, I need to put in a normal javax.servlet.Filter to do RequestDispatcher.forward(). I noticed that <resin:Forbidden> will only be called after the normal filters, whereas <Allow> will be called before the normal filters. Is that correct?