Re: Tynamo Security Login Page
On Thu, Nov 10, 2016 at 2:51 AM, Adam X wrote: > 1) > How do I customize the login page? > a) I'd like to edit error messages: "You must provide a value for Tynamo > Login." > b) I'd like to style it differently, add company logo and maybe even edit > html > (You could override but) don't try to customize it, instead just create your own custom login page, you could copy the login page source and modify from there. 2) > I'd like to hook up a processing interceptor after successful login. > In essence, after shiro accepts credentials, instead of letting it go > to my Tapestry page, I'd like to display my own page which asks for > more information (say two factor authentication). > As Dusko said, use the symbols. Kalle > On Wed, Nov 9, 2016 at 6:54 PM, Kalle Korhonen > wrote: > > Need to specify the library since it's not your own component - loginPage > > is just a local attribute name. Use or > > just replace the whole block with <:tsecurity.loginlink>. > > > > Kalle > > > > On Wed, Nov 9, 2016 at 9:03 AM, Adam X wrote: > > > >> I have tapestry-security integrated and working in my project. Page > >> classes annotated with shiro such as @RequiresAuthentication get > >> intercepted with the login page. > >> > >> What is the best way to create a link on my page that redirects to tap > >> security login page? > >> > >> In my Laout.java I tried this: > >> > >> @Property > >> @Inject > >> private SecurityService securityService; > >> > >> @Property > >> @InjectPage > >> private org.tynamo.security.pages.Login loginPage; > >> > >> then in my Layout.tml I have this: > >> > >> > >> ${securityService.subject.principal} > >> > >> Guest (Sign In) > >> > >> > >> > >> But Tapestry is unable to find this Tynamo page, even though it is > >> clearly there: > >> > >> Caused by: org.apache.tapestry5.ioc.util.UnknownValueException: Unable > >> to resolve 'loginPage' to a known page name > >> > >> What is the accepted (or recommended) way to bring up the login page > >> in such a setup? > >> > >> - > >> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org > >> For additional commands, e-mail: users-h...@tapestry.apache.org > >> > >> > > - > To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org > For additional commands, e-mail: users-h...@tapestry.apache.org > >
Re: Tynamo Security Login Page
The behaviors that you are describing can be easily configured using Symbols. Take a look at the SecuritySymbols class: https://github.com/tynamo/tapestry-security/blob/master/src/main/java/org/tynamo/security/SecuritySymbols.java The Symbols that you are looking for are: LOGIN_URL and SUCCESS_URL. The idea is to provide your own pages instead of the default ones. Here's how the defaults are configured, you need to override those in your own module: https://github.com/tynamo/tapestry-security/blob/master/src/main/java/org/tynamo/security/services/SecurityModule.java#L121 I also agree Kalle rocks. On Thu, Nov 10, 2016 at 11:51 AM, Adam X wrote: > Kyle, you rock man. Works like a charm. > > I'm sorry for having so many questions but I like > tapestry-secruity/shiro and I'd like to integrate it all the way in my > solution. So I have few more follow ups: > > 1) > How do I customize the login page? > a) I'd like to edit error messages: "You must provide a value for Tynamo > Login." > b) I'd like to style it differently, add company logo and maybe even edit > html > > 2) > I'd like to hook up a processing interceptor after successful login. > In essence, after shiro accepts credentials, instead of letting it go > to my Tapestry page, I'd like to display my own page which asks for > more information (say two factor authentication). > > Adam > > On Wed, Nov 9, 2016 at 6:54 PM, Kalle Korhonen > wrote: > > Need to specify the library since it's not your own component - loginPage > > is just a local attribute name. Use or > > just replace the whole block with <:tsecurity.loginlink>. > > > > Kalle > > > > On Wed, Nov 9, 2016 at 9:03 AM, Adam X wrote: > > > >> I have tapestry-security integrated and working in my project. Page > >> classes annotated with shiro such as @RequiresAuthentication get > >> intercepted with the login page. > >> > >> What is the best way to create a link on my page that redirects to tap > >> security login page? > >> > >> In my Laout.java I tried this: > >> > >> @Property > >> @Inject > >> private SecurityService securityService; > >> > >> @Property > >> @InjectPage > >> private org.tynamo.security.pages.Login loginPage; > >> > >> then in my Layout.tml I have this: > >> > >> > >> ${securityService.subject.principal} > >> > >> Guest (Sign In) > >> > >> > >> > >> But Tapestry is unable to find this Tynamo page, even though it is > >> clearly there: > >> > >> Caused by: org.apache.tapestry5.ioc.util.UnknownValueException: Unable > >> to resolve 'loginPage' to a known page name > >> > >> What is the accepted (or recommended) way to bring up the login page > >> in such a setup? > >> > >> - > >> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org > >> For additional commands, e-mail: users-h...@tapestry.apache.org > >> > >> > > - > To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org > For additional commands, e-mail: users-h...@tapestry.apache.org > >
Re: Tynamo Security Login Page
Kyle, you rock man. Works like a charm. I'm sorry for having so many questions but I like tapestry-secruity/shiro and I'd like to integrate it all the way in my solution. So I have few more follow ups: 1) How do I customize the login page? a) I'd like to edit error messages: "You must provide a value for Tynamo Login." b) I'd like to style it differently, add company logo and maybe even edit html 2) I'd like to hook up a processing interceptor after successful login. In essence, after shiro accepts credentials, instead of letting it go to my Tapestry page, I'd like to display my own page which asks for more information (say two factor authentication). Adam On Wed, Nov 9, 2016 at 6:54 PM, Kalle Korhonen wrote: > Need to specify the library since it's not your own component - loginPage > is just a local attribute name. Use or > just replace the whole block with <:tsecurity.loginlink>. > > Kalle > > On Wed, Nov 9, 2016 at 9:03 AM, Adam X wrote: > >> I have tapestry-security integrated and working in my project. Page >> classes annotated with shiro such as @RequiresAuthentication get >> intercepted with the login page. >> >> What is the best way to create a link on my page that redirects to tap >> security login page? >> >> In my Laout.java I tried this: >> >> @Property >> @Inject >> private SecurityService securityService; >> >> @Property >> @InjectPage >> private org.tynamo.security.pages.Login loginPage; >> >> then in my Layout.tml I have this: >> >> >> ${securityService.subject.principal} >> >> Guest (Sign In) >> >> >> >> But Tapestry is unable to find this Tynamo page, even though it is >> clearly there: >> >> Caused by: org.apache.tapestry5.ioc.util.UnknownValueException: Unable >> to resolve 'loginPage' to a known page name >> >> What is the accepted (or recommended) way to bring up the login page >> in such a setup? >> >> - >> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org >> For additional commands, e-mail: users-h...@tapestry.apache.org >> >> - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
Re: Zone update and inactive timeout
The problem is caused by AJAX polling, and it is not specific to Tapestry, but to how Java servlet containers manage sessions. I had similar one (AJAX polling with Jetty) and IIRC I solved it by implementing my own SessionHandler and SessionManager classes (subclassing and replacing ones provided by Jetty) that avoided "de-idling" sessions for AJAX-polling related paths. Best regards, Cezary On Thu, Nov 10, 2016 at 9:26 AM, .. ... wrote: > Hi, > > I am using tapestry 5.4.1 together with jetty 9.2.14.v20151106. > > I want to set inactive timeout. When users is doing nothing application > should logout after some time. > I set timeout by setting > webapp.getSessionHandler().getSessionManager().setMaxInactiveInterval(30) > to 30 seconds. Zone in webpage updates every 5 seconds. With these settings > session was unable to timeout. > > When I set maxInactiveInterval to one second, session expires as expected. > > Is there any way to have larger timeout than zone update interval? > > Vavricka >
Re: Zone update and inactive timeout
Hi Vavricka, every time you poll the server the session timeout is reset. You could track real user activity on your own in the browser using some js and issue a logout request after 30 minutes or so... Cheers Christian > Am 10.11.2016 um 09:26 schrieb .. ... : > > Hi, > > I am using tapestry 5.4.1 together with jetty 9.2.14.v20151106. > > I want to set inactive timeout. When users is doing nothing application > should logout after some time. > I set timeout by setting > webapp.getSessionHandler().getSessionManager().setMaxInactiveInterval(30) > to 30 seconds. Zone in webpage updates every 5 seconds. With these settings > session was unable to timeout. > > When I set maxInactiveInterval to one second, session expires as expected. > > Is there any way to have larger timeout than zone update interval? > > Vavricka - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
Zone update and inactive timeout
Hi, I am using tapestry 5.4.1 together with jetty 9.2.14.v20151106. I want to set inactive timeout. When users is doing nothing application should logout after some time. I set timeout by setting webapp.getSessionHandler().getSessionManager().setMaxInactiveInterval(30) to 30 seconds. Zone in webpage updates every 5 seconds. With these settings session was unable to timeout. When I set maxInactiveInterval to one second, session expires as expected. Is there any way to have larger timeout than zone update interval? Vavricka