Tutorials

Task-driven tutorials and recipes for PageSeeder

How to control access to a Berlioz site using the Deck

Skills requiredXML,XSL
Time required (minutes)30
Intended audienceDeveloper
DifficultyMedium
CategoryBerlioz

Objective

Using the permission model and account management of PageSeeder is a straightforward way of managing user access to a Berlioz site. This task is made simpler by a module called Deck (a companion to Bridge).

Essentially Deck enables the co-opting of a PageSeeder group, by a Berlioz site, in order to provide user management and authentication. The Berlioz site can be either local or remote to the PageSeeder server.

How the user accounts are administrated is a decision for the person managing the site. PageSeeder has native user interfaces for recovering lost passwords, creating accounts or adding members to a group. The same functionality is accessible through the Service API. Whether to use the inbuilt interfaces, develop your own, or use a hybrid approach, is more likely a question of requirements for user experience and available developer resources rather than a technical question. 

By the end of this tutorial, the student should be able to configure a PageSeeder group to manage user access to a Berlioz website.

Tutorial

Prepare the components

Install a Berlioz base.

To keep this exercise simple, consider running the web site on the same server as PageSeeder.

http://hg.pageseeder.com.au/psberlioz-base/ 

Define the security filter:

Go to

WebContent/WEB-INF/Web.xml

Under <web-app> element, define a <filter> element as follows:

<filter>
    <filter-name>SecurityFilter</filter-name>
    <filter-class>com.weborganic.deck.servlet.SecurityFilter</filter-class>
  </filter>

Under the <filter> element, create a <filter-mapping> element as follows:

  <filter-mapping>
    <filter-name>SecurityFilter</filter-name>
    <url-pattern>*.html</url-pattern>
  </filter-mapping>

Reference: Introduction to Web Application Deployment Descriptors 

Berlioz configuration

Open the following file:

WebContent/WEB-INF/config/config-[mode].xml

Under the <global> element, define the configuration of the <deck> element.

<deck 
api-url="[PageSeeder API URL eg: http://ps.allette.com.au:8282/] "
    <authenticator type="pageseeder" member-of="dev-*" />
  </deck>

Use attribute @member-of to define which PageSeeder group to authenticate the account against.

Define the login servlet

Open

WebContent/WEB-INF/Web.xml

Under the <webb-app> element, define the <servlet> element as follows:

<servlet>
    <servlet-name>LoginServlet</servlet-name>
    <servlet-class>com.weborganic.deck.servlet.LoginServlet</servlet-class>
    <init-param>
      <param-name>login-page</param-name>
      <param-value>/login.html</param-value>
    </init-param>
    <init-param>
      <param-name>default-target</param-name>
      <param-value>/home.html</param-value>
    </init-param>
  </servlet>

Define <servlet-mapping>

  <servlet-mapping>
    <servlet-name>LoginServlet</servlet-name>
    <url-pattern>/login</url-pattern>
  </servlet-mapping>

Reference: Introduction to Web Application Deployment Descriptors 

Define a Berlioz service

Open the following file:

WebContent/WEB-INF/config/services.xml

Under the <service-config> element, define a <service> element as follows:

<service id="login" method="get">
    <url pattern="/login" />
    <generator class="org.weborganic.berlioz.generator.NoContent" 
             name="login" 
             target="main" />
</service>

Use XSL to create a login page

Go to the following folder:

WebContent/WEB-INF/xslt/html/default

Create a file called login.xsl then copy and paste the following code into the file and save it:

<!-- Display the login page -->
<xsl:template match="content[@name='login']" mode="content">
<xsl:variable name="login-failed"
 select="//http-parameters/parameter[@name='message']"/>

<div class="panel">
  <div id="body-{/root/header/service}">
    <form action="/login" method="post">
     <div class="input-field email">
       <input type="email"
              name="username"
              id="username"
              placeholder="Email"
              maxlength="100"
              required="required"/>
      </div>
   <div class="input-field password">
      <input type="password"
             name="password"
             id="password"
             placeholder="Password"
             maxlength="100"
             required="required"/>
      </div>
    <xsl:if test="string($login-failed) !=''">
          <xsl:value-of select="$login-failed"/>
        </xsl:if>
      <div class="input-field submit">
        <input type="submit"
             value="Login"/>
      </div>
    </form>
   </div>
 </div>
</xsl:template>

Open the following file:

WebContent/WEB-INF/xslt/html/default.xsl

Import the newly created file as the following.

<xsl:import href="default/login.xsl"/>

Created on , last edited on