Index: openacs-4/packages/acs-core-docs/www/request-processor.adp =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-core-docs/www/request-processor.adp,v diff -u -r1.1.2.3 -r1.1.2.4 --- openacs-4/packages/acs-core-docs/www/request-processor.adp 28 Sep 2015 07:54:24 -0000 1.1.2.3 +++ openacs-4/packages/acs-core-docs/www/request-processor.adp 9 Jun 2016 13:03:11 -0000 1.1.2.4 @@ -14,14 +14,14 @@ OpenACS docs are written by the named authors, and may be edited by OpenACS documentation staff.

-Overview

This document is a brief introduction to the OpenACS 5.7.0 +Overview

This document is a brief introduction to the OpenACS 5.9.0 Request Processor; more details can be found in the OpenACS 4 Request Processor Design. Here we cover the high level concepts behind the system, and implications and usage for the application developer.

-Request Processor

The 5.7.0 Request Processor is a global filter and set of Tcl +Request Processor

The 5.9.0 Request Processor is a global filter and set of Tcl procs that respond to every incoming URL reaching the server. The following diagram summarizes the stages of the request processor assuming a URL request like http://someserver.com/notes/somepage.adp.

@@ -46,7 +46,7 @@ the client request and either extracts or sets up new session tokens for the user.

Stage 3: Authorization

Next, the Request Processor checks if the user has appropriate access privileges to the requested part of the site. In OpenACS -5.7.0, access control is dictated by the permissions system. In this case, +5.9.0, access control is dictated by the permissions system. In this case, the RP checks if the user has "read" priviledges on the object in the site map specified by the URL. This object is typically a package instance, but it could easily be something more granular,