Re: How to decorate a service that has already been decorated ?
The solution i used is to create the inderiction key at the very end of activation encoding in ContextValueEncoder. I mean just after toClient() call, i get the resulting string and transform it. Then before calling delegated toValue i retrieve the direct reference from the indirection key provided as a parameter to the toValue method. I see this drawback to my approach, it's that i do not have access to many informations about which parameter is decoded, thus disabling for a specific parameter will be hard to implement, i can handle disabling per page. On the other side, this entry point is satisfying for other reason, i manipulate only String no need to define multiple ContextValueEncoders. I have to find a solution between yours (which is more flexible regarding the type of target value) and mine that is fairly simple to implement. Regards, Christophe. 2010/2/3 Thiago H. de Paula Figueiredo > On Wed, 03 Feb 2010 07:09:54 -0200, Peter Stavrinides < > p.stavrini...@albourne.com> wrote: > > Interesting solution! >> > > ActivationContextEncoder aand friends are part of the Tapestry CRUD > package. If you provide the object access logic, the package invokes it > automatically for you. > > > -- > Thiago H. de Paula Figueiredo > Independent Java, Apache Tapestry 5 and Hibernate consultant, developer, > and instructor > Owner, software architect and developer, Ars Machina Tecnologia da > Informação Ltda. > http://www.arsmachina.com.br > > - > To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org > For additional commands, e-mail: users-h...@tapestry.apache.org > >
Re: How to decorate a service that has already been decorated ?
On Wed, 03 Feb 2010 07:09:54 -0200, Peter Stavrinides wrote: Interesting solution! ActivationContextEncoder aand friends are part of the Tapestry CRUD package. If you provide the object access logic, the package invokes it automatically for you. -- Thiago H. de Paula Figueiredo Independent Java, Apache Tapestry 5 and Hibernate consultant, developer, and instructor Owner, software architect and developer, Ars Machina Tecnologia da Informação Ltda. http://www.arsmachina.com.br - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
Re: How to decorate a service that has already been decorated ?
> Not 100% related, but I created an ActivationContextEncoder interface > and corresponding ActivationContextEncoderSource service. This way, I can > have the logic for generating the activation context value for a given > type separate from its ValudeEncoder logic. The above pseudo-id lookup > logic above could be implemented in a reusable way with > ActivationContextEncoder. Interesting solution! I agree that one way or another you can't avoid these checks, so better to find a way to make this code reusable and as generic as possible. My solution was to annotate my pages in order to determine the referenced context variables at runtime, then reuse the checking code in a service injected in a base page/s (or even a dispatcher)... perhaps not as elegant as yours, but its flexible and it works for me. cheers, Peter - Original Message - From: "Thiago H. de Paula Figueiredo" To: "Tapestry users" Sent: Wednesday, 3 February, 2010 02:43:11 GMT +02:00 Athens, Beirut, Bucharest, Istanbul Subject: Re: How to decorate a service that has already been decorated ? On Tue, 02 Feb 2010 19:21:22 -0200, Howard Lewis Ship wrote: > Intresting. So perhaps instead of encoding the primary key of a > Hibernate entity directly, you'd instead maintain a lookup combining > user id and object id, mapped to a random string. The random string > would have to be in some kind of fast lookup table stored persistently > (perhaps in the DB for sharing across the cluster, if any). Is the overhead worth it? As attackers car intercept the URLs, you still need to check if the user can access that data. > Anyway, that's the kind of idea that popped into my head ... what's > your solution looking like? Not 100% related, but I created an ActivationContextEncoder interface and corresponding ActivationContextEncoderSource service. This way, I can have the logic for generating the activation context value for a given type separate from its ValudeEncoder logic. The above pseudo-id lookup logic above could be implemented in a reusable way with ActivationContextEncoder. -- Thiago H. de Paula Figueiredo Independent Java, Apache Tapestry 5 and Hibernate consultant, developer, and instructor Owner, software architect and developer, Ars Machina Tecnologia da Informação Ltda. http://www.arsmachina.com.br - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
Re: How to decorate a service that has already been decorated ?
Hi Because not all our team are using Tapestry-hibernate, i have implemented the solution with contributions to tapestry-core. I have decorated the ContextValueEncoder and ComponentEventLinkEncoder for link generation and request decoding. The developper specify if he wants to indirect activation/event context parameters by providing an annotation @HideDirectReference on its page. Also, i had to implement a ComponentRequestFilter to check if parameters must be decode with indirection map in function of the targeted resource. To implement the indirection map, at the moment i have used this API http://owasp-esapi-java.googlecode.com/svn/trunk_doc/latest/index.html that is suggested by OWASP fundation. But it contains a lot of thing that Tapestry does by default. So i think that i will switch to a custom implementation based on Tapestry Strategy pattern that will be more flexible for exemple to handle cluster environment as you mention id. BTW two implementations already exists a simple algorithm based on Integer and another based on random key generation that has more effects on CSRF attacks. Also, i will investigate on the solution suggested by Thiago to handle different type of key generation policies. Best Regards, Christophe. 2010/2/2 Howard Lewis Ship > Intresting. So perhaps instead of encoding the primary key of a > Hibernate entity directly, you'd instead maintain a lookup combining > user id and object id, mapped to a random string. The random string > would have to be in some kind of fast lookup table stored persistently > (perhaps in the DB for sharing across the cluster, if any). > > Anyway, that's the kind of idea that popped into my head ... what's > your solution looking like? > > On Tue, Feb 2, 2010 at 10:42 AM, cordenier christophe > wrote: > > An old link > > > http://www.owasp.org/index.php/Top_10_2007-Insecure_Direct_Object_Referencebut > > principle is there. > > > > 2010/2/2 cordenier christophe > > > >> OWASP A4 is : Avoid Insecure Direct Object References (in URL in my > case) > >> > >> Suggested implementation is to indirect all direct reference to entity > ids > >> for exemple. > >> > >> BTW The solution provided by Howard works like a charm, i will add it to > my > >> guideline. > >> > >> Thanks again, > >> Christophe. > >> > >> 2010/2/2 Thiago H. de Paula Figueiredo > >> > >> On Tue, 02 Feb 2010 16:08:41 -0200, cordenier christophe < > >>> christophe.corden...@gmail.com> wrote: > >>> > >>> Actually i am trying to decorate ComponentEventLinkEncoder to > implement a > solution for OWASP A4 recommandation. > > >>> > >>> Which recommendation? Just curious. :) > >>> > >>> -- > >>> Thiago H. de Paula Figueiredo > >>> Independent Java, Apache Tapestry 5 and Hibernate consultant, > developer, > >>> and instructor > >>> Owner, software architect and developer, Ars Machina Tecnologia da > >>> Informação Ltda. > >>> http://www.arsmachina.com.br > >>> > >>> - > >>> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org > >>> For additional commands, e-mail: users-h...@tapestry.apache.org > >>> > >>> > >> > > > > > > -- > Howard M. Lewis Ship > > Creator of Apache Tapestry > > The source for Tapestry training, mentoring and support. Contact me to > learn how I can get you up and productive in Tapestry fast! > > (971) 678-5210 > http://howardlewisship.com > > - > To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org > For additional commands, e-mail: users-h...@tapestry.apache.org > >
Re: How to decorate a service that has already been decorated ?
Actually, this OWASP rule does not exclude access checking. But using temporary indirection keys has also effects on CSRF attacks. 2010/2/3 Thiago H. de Paula Figueiredo > On Tue, 02 Feb 2010 19:21:22 -0200, Howard Lewis Ship > wrote: > > Intresting. So perhaps instead of encoding the primary key of a >> Hibernate entity directly, you'd instead maintain a lookup combining >> user id and object id, mapped to a random string. The random string >> would have to be in some kind of fast lookup table stored persistently >> (perhaps in the DB for sharing across the cluster, if any). >> > > Is the overhead worth it? As attackers car intercept the URLs, you still > need to check if the user can access that data. > > Anyway, that's the kind of idea that popped into my head ... what's >> your solution looking like? >> > > Not 100% related, but I created an ActivationContextEncoder interface > and corresponding ActivationContextEncoderSource service. This way, I can > have the logic for generating the activation context value for a given type > separate from its ValudeEncoder logic. The above pseudo-id lookup logic > above could be implemented in a reusable way with ActivationContextEncoder. > -- > Thiago H. de Paula Figueiredo > Independent Java, Apache Tapestry 5 and Hibernate consultant, developer, > and instructor > Owner, software architect and developer, Ars Machina Tecnologia da > Informação Ltda. > http://www.arsmachina.com.br > > - > To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org > For additional commands, e-mail: users-h...@tapestry.apache.org > >
Re: How to decorate a service that has already been decorated ?
On Tue, 02 Feb 2010 19:21:22 -0200, Howard Lewis Ship wrote: Intresting. So perhaps instead of encoding the primary key of a Hibernate entity directly, you'd instead maintain a lookup combining user id and object id, mapped to a random string. The random string would have to be in some kind of fast lookup table stored persistently (perhaps in the DB for sharing across the cluster, if any). Is the overhead worth it? As attackers car intercept the URLs, you still need to check if the user can access that data. Anyway, that's the kind of idea that popped into my head ... what's your solution looking like? Not 100% related, but I created an ActivationContextEncoder interface and corresponding ActivationContextEncoderSource service. This way, I can have the logic for generating the activation context value for a given type separate from its ValudeEncoder logic. The above pseudo-id lookup logic above could be implemented in a reusable way with ActivationContextEncoder. -- Thiago H. de Paula Figueiredo Independent Java, Apache Tapestry 5 and Hibernate consultant, developer, and instructor Owner, software architect and developer, Ars Machina Tecnologia da Informação Ltda. http://www.arsmachina.com.br - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
Re: How to decorate a service that has already been decorated ?
On Tue, 02 Feb 2010 16:30:02 -0200, cordenier christophe wrote: OWASP A4 is : Avoid Insecure Direct Object References (in URL in my case) Suggested implementation is to indirect all direct reference to entity ids for exemple. As long as you check if the user can access that object, I don't any major problem with exposing object ids. -- Thiago H. de Paula Figueiredo Independent Java, Apache Tapestry 5 and Hibernate consultant, developer, and instructor Owner, software architect and developer, Ars Machina Tecnologia da Informação Ltda. http://www.arsmachina.com.br - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
Re: How to decorate a service that has already been decorated ?
Intresting. So perhaps instead of encoding the primary key of a Hibernate entity directly, you'd instead maintain a lookup combining user id and object id, mapped to a random string. The random string would have to be in some kind of fast lookup table stored persistently (perhaps in the DB for sharing across the cluster, if any). Anyway, that's the kind of idea that popped into my head ... what's your solution looking like? On Tue, Feb 2, 2010 at 10:42 AM, cordenier christophe wrote: > An old link > http://www.owasp.org/index.php/Top_10_2007-Insecure_Direct_Object_Reference > but > principle is there. > > 2010/2/2 cordenier christophe > >> OWASP A4 is : Avoid Insecure Direct Object References (in URL in my case) >> >> Suggested implementation is to indirect all direct reference to entity ids >> for exemple. >> >> BTW The solution provided by Howard works like a charm, i will add it to my >> guideline. >> >> Thanks again, >> Christophe. >> >> 2010/2/2 Thiago H. de Paula Figueiredo >> >> On Tue, 02 Feb 2010 16:08:41 -0200, cordenier christophe < >>> christophe.corden...@gmail.com> wrote: >>> >>> Actually i am trying to decorate ComponentEventLinkEncoder to implement a solution for OWASP A4 recommandation. >>> >>> Which recommendation? Just curious. :) >>> >>> -- >>> Thiago H. de Paula Figueiredo >>> Independent Java, Apache Tapestry 5 and Hibernate consultant, developer, >>> and instructor >>> Owner, software architect and developer, Ars Machina Tecnologia da >>> Informação Ltda. >>> http://www.arsmachina.com.br >>> >>> - >>> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org >>> For additional commands, e-mail: users-h...@tapestry.apache.org >>> >>> >> > -- Howard M. Lewis Ship Creator of Apache Tapestry The source for Tapestry training, mentoring and support. Contact me to learn how I can get you up and productive in Tapestry fast! (971) 678-5210 http://howardlewisship.com - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
Re: How to decorate a service that has already been decorated ?
An old link http://www.owasp.org/index.php/Top_10_2007-Insecure_Direct_Object_Reference but principle is there. 2010/2/2 cordenier christophe > OWASP A4 is : Avoid Insecure Direct Object References (in URL in my case) > > Suggested implementation is to indirect all direct reference to entity ids > for exemple. > > BTW The solution provided by Howard works like a charm, i will add it to my > guideline. > > Thanks again, > Christophe. > > 2010/2/2 Thiago H. de Paula Figueiredo > > On Tue, 02 Feb 2010 16:08:41 -0200, cordenier christophe < >> christophe.corden...@gmail.com> wrote: >> >> Actually i am trying to decorate ComponentEventLinkEncoder to implement a >>> solution for OWASP A4 recommandation. >>> >> >> Which recommendation? Just curious. :) >> >> -- >> Thiago H. de Paula Figueiredo >> Independent Java, Apache Tapestry 5 and Hibernate consultant, developer, >> and instructor >> Owner, software architect and developer, Ars Machina Tecnologia da >> Informação Ltda. >> http://www.arsmachina.com.br >> >> - >> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org >> For additional commands, e-mail: users-h...@tapestry.apache.org >> >> >
Re: How to decorate a service that has already been decorated ?
OWASP A4 is : Avoid Insecure Direct Object References (in URL in my case) Suggested implementation is to indirect all direct reference to entity ids for exemple. BTW The solution provided by Howard works like a charm, i will add it to my guideline. Thanks again, Christophe. 2010/2/2 Thiago H. de Paula Figueiredo > On Tue, 02 Feb 2010 16:08:41 -0200, cordenier christophe < > christophe.corden...@gmail.com> wrote: > > Actually i am trying to decorate ComponentEventLinkEncoder to implement a >> solution for OWASP A4 recommandation. >> > > Which recommendation? Just curious. :) > > -- > Thiago H. de Paula Figueiredo > Independent Java, Apache Tapestry 5 and Hibernate consultant, developer, > and instructor > Owner, software architect and developer, Ars Machina Tecnologia da > Informação Ltda. > http://www.arsmachina.com.br > > - > To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org > For additional commands, e-mail: users-h...@tapestry.apache.org > >
Re: How to decorate a service that has already been decorated ?
On Tue, 02 Feb 2010 16:08:41 -0200, cordenier christophe wrote: Actually i am trying to decorate ComponentEventLinkEncoder to implement a solution for OWASP A4 recommandation. Which recommendation? Just curious. :) -- Thiago H. de Paula Figueiredo Independent Java, Apache Tapestry 5 and Hibernate consultant, developer, and instructor Owner, software architect and developer, Ars Machina Tecnologia da Informação Ltda. http://www.arsmachina.com.br - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
Re: How to decorate a service that has already been decorated ?
Thanks for the advice. Actually, this is TapestryModule that decorates this service for URLRewriting. Christophe. 2010/2/2 Howard Lewis Ship > I suspect you have two different modules both with methods named > "decorateComponentEventLinkEncoder". This is the ugly side of naming > conventions. > > Rename your method to something like "decorateWithOWASPSupport" and > use a @Match annotation to identify the target service to decorate: > "ComponentEventLinkEncoder". > > On Tue, Feb 2, 2010 at 10:08 AM, cordenier christophe > wrote: > > Actually i am trying to decorate ComponentEventLinkEncoder to implement a > > solution for OWASP A4 recommandation. > > > > The behavior is strange, i have this warning when running jetty:run > > > > WARN Could not add object with duplicate id 'ComponentEventLinkEncoder'. > > The duplicate object has been ignored. > > > > But my decoration seems to work in debug mode > > > > I guess, there is something wrong in my configuration. I will see if i > > didn't miss anything. > > > > Thanks, > > Christophe > > > > 2010/2/2 Howard Lewis Ship > > > >> I use the decorate approach when I'm providing a decoration using a > >> known interface, and I use advice when I'm providing a concern across > >> a large number of different interfaces (since advice can adapt to any > >> method of any interface). > >> > >> Both are built to support multiple contributions (either multiple > >> interceptors when using decoration, or multiple advice). > >> > >> On Tue, Feb 2, 2010 at 9:52 AM, cordenier christophe > >> wrote: > >> > Hi > >> > > >> > I am using decorateXxx because i prefer this way of decorating, but if > >> you > >> > suggest to do it with advisors, i'll do it this way. > >> > > >> > I wil give it a try. > >> > > >> > Thanks, > >> > Christophe > >> > > >> > 2010/2/2 Thiago H. de Paula Figueiredo > >> > > >> >> On Tue, 02 Feb 2010 15:40:04 -0200, cordenier christophe < > >> >> christophe.corden...@gmail.com> wrote: > >> >> > >> >> Hi > >> >>> > >> >> > >> >> Hi! > >> >> > >> >> I am facing this problem by decorating ComponentEventLinkEncoder, > the > >> >>> result is that my decoration is ignored or it fails with a > >> >>> StackOverflowException. > >> >>> > >> >> > >> >> Are you using decoration (decorateXXX methods) or advice (adviseXXX > >> >> methods)? > >> >> > >> >> -- > >> >> Thiago H. de Paula Figueiredo > >> >> Independent Java, Apache Tapestry 5 and Hibernate consultant, > developer, > >> >> and instructor > >> >> Owner, software architect and developer, Ars Machina Tecnologia da > >> >> Informação Ltda. > >> >> http://www.arsmachina.com.br > >> >> > >> >> - > >> >> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org > >> >> For additional commands, e-mail: users-h...@tapestry.apache.org > >> >> > >> >> > >> > > >> > >> > >> > >> -- > >> Howard M. Lewis Ship > >> > >> Creator of Apache Tapestry > >> > >> The source for Tapestry training, mentoring and support. Contact me to > >> learn how I can get you up and productive in Tapestry fast! > >> > >> (971) 678-5210 > >> http://howardlewisship.com > >> > >> - > >> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org > >> For additional commands, e-mail: users-h...@tapestry.apache.org > >> > >> > > > > > > -- > Howard M. Lewis Ship > > Creator of Apache Tapestry > > The source for Tapestry training, mentoring and support. Contact me to > learn how I can get you up and productive in Tapestry fast! > > (971) 678-5210 > http://howardlewisship.com > > - > To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org > For additional commands, e-mail: users-h...@tapestry.apache.org > >
Re: How to decorate a service that has already been decorated ?
I suspect you have two different modules both with methods named "decorateComponentEventLinkEncoder". This is the ugly side of naming conventions. Rename your method to something like "decorateWithOWASPSupport" and use a @Match annotation to identify the target service to decorate: "ComponentEventLinkEncoder". On Tue, Feb 2, 2010 at 10:08 AM, cordenier christophe wrote: > Actually i am trying to decorate ComponentEventLinkEncoder to implement a > solution for OWASP A4 recommandation. > > The behavior is strange, i have this warning when running jetty:run > > WARN Could not add object with duplicate id 'ComponentEventLinkEncoder'. > The duplicate object has been ignored. > > But my decoration seems to work in debug mode > > I guess, there is something wrong in my configuration. I will see if i > didn't miss anything. > > Thanks, > Christophe > > 2010/2/2 Howard Lewis Ship > >> I use the decorate approach when I'm providing a decoration using a >> known interface, and I use advice when I'm providing a concern across >> a large number of different interfaces (since advice can adapt to any >> method of any interface). >> >> Both are built to support multiple contributions (either multiple >> interceptors when using decoration, or multiple advice). >> >> On Tue, Feb 2, 2010 at 9:52 AM, cordenier christophe >> wrote: >> > Hi >> > >> > I am using decorateXxx because i prefer this way of decorating, but if >> you >> > suggest to do it with advisors, i'll do it this way. >> > >> > I wil give it a try. >> > >> > Thanks, >> > Christophe >> > >> > 2010/2/2 Thiago H. de Paula Figueiredo >> > >> >> On Tue, 02 Feb 2010 15:40:04 -0200, cordenier christophe < >> >> christophe.corden...@gmail.com> wrote: >> >> >> >> Hi >> >>> >> >> >> >> Hi! >> >> >> >> I am facing this problem by decorating ComponentEventLinkEncoder, the >> >>> result is that my decoration is ignored or it fails with a >> >>> StackOverflowException. >> >>> >> >> >> >> Are you using decoration (decorateXXX methods) or advice (adviseXXX >> >> methods)? >> >> >> >> -- >> >> Thiago H. de Paula Figueiredo >> >> Independent Java, Apache Tapestry 5 and Hibernate consultant, developer, >> >> and instructor >> >> Owner, software architect and developer, Ars Machina Tecnologia da >> >> Informação Ltda. >> >> http://www.arsmachina.com.br >> >> >> >> - >> >> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org >> >> For additional commands, e-mail: users-h...@tapestry.apache.org >> >> >> >> >> > >> >> >> >> -- >> Howard M. Lewis Ship >> >> Creator of Apache Tapestry >> >> The source for Tapestry training, mentoring and support. Contact me to >> learn how I can get you up and productive in Tapestry fast! >> >> (971) 678-5210 >> http://howardlewisship.com >> >> - >> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org >> For additional commands, e-mail: users-h...@tapestry.apache.org >> >> > -- Howard M. Lewis Ship Creator of Apache Tapestry The source for Tapestry training, mentoring and support. Contact me to learn how I can get you up and productive in Tapestry fast! (971) 678-5210 http://howardlewisship.com - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
Re: How to decorate a service that has already been decorated ?
Actually i am trying to decorate ComponentEventLinkEncoder to implement a solution for OWASP A4 recommandation. The behavior is strange, i have this warning when running jetty:run WARN Could not add object with duplicate id 'ComponentEventLinkEncoder'. The duplicate object has been ignored. But my decoration seems to work in debug mode I guess, there is something wrong in my configuration. I will see if i didn't miss anything. Thanks, Christophe 2010/2/2 Howard Lewis Ship > I use the decorate approach when I'm providing a decoration using a > known interface, and I use advice when I'm providing a concern across > a large number of different interfaces (since advice can adapt to any > method of any interface). > > Both are built to support multiple contributions (either multiple > interceptors when using decoration, or multiple advice). > > On Tue, Feb 2, 2010 at 9:52 AM, cordenier christophe > wrote: > > Hi > > > > I am using decorateXxx because i prefer this way of decorating, but if > you > > suggest to do it with advisors, i'll do it this way. > > > > I wil give it a try. > > > > Thanks, > > Christophe > > > > 2010/2/2 Thiago H. de Paula Figueiredo > > > >> On Tue, 02 Feb 2010 15:40:04 -0200, cordenier christophe < > >> christophe.corden...@gmail.com> wrote: > >> > >> Hi > >>> > >> > >> Hi! > >> > >> I am facing this problem by decorating ComponentEventLinkEncoder, the > >>> result is that my decoration is ignored or it fails with a > >>> StackOverflowException. > >>> > >> > >> Are you using decoration (decorateXXX methods) or advice (adviseXXX > >> methods)? > >> > >> -- > >> Thiago H. de Paula Figueiredo > >> Independent Java, Apache Tapestry 5 and Hibernate consultant, developer, > >> and instructor > >> Owner, software architect and developer, Ars Machina Tecnologia da > >> Informação Ltda. > >> http://www.arsmachina.com.br > >> > >> - > >> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org > >> For additional commands, e-mail: users-h...@tapestry.apache.org > >> > >> > > > > > > -- > Howard M. Lewis Ship > > Creator of Apache Tapestry > > The source for Tapestry training, mentoring and support. Contact me to > learn how I can get you up and productive in Tapestry fast! > > (971) 678-5210 > http://howardlewisship.com > > - > To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org > For additional commands, e-mail: users-h...@tapestry.apache.org > >
Re: How to decorate a service that has already been decorated ?
I use the decorate approach when I'm providing a decoration using a known interface, and I use advice when I'm providing a concern across a large number of different interfaces (since advice can adapt to any method of any interface). Both are built to support multiple contributions (either multiple interceptors when using decoration, or multiple advice). On Tue, Feb 2, 2010 at 9:52 AM, cordenier christophe wrote: > Hi > > I am using decorateXxx because i prefer this way of decorating, but if you > suggest to do it with advisors, i'll do it this way. > > I wil give it a try. > > Thanks, > Christophe > > 2010/2/2 Thiago H. de Paula Figueiredo > >> On Tue, 02 Feb 2010 15:40:04 -0200, cordenier christophe < >> christophe.corden...@gmail.com> wrote: >> >> Hi >>> >> >> Hi! >> >> I am facing this problem by decorating ComponentEventLinkEncoder, the >>> result is that my decoration is ignored or it fails with a >>> StackOverflowException. >>> >> >> Are you using decoration (decorateXXX methods) or advice (adviseXXX >> methods)? >> >> -- >> Thiago H. de Paula Figueiredo >> Independent Java, Apache Tapestry 5 and Hibernate consultant, developer, >> and instructor >> Owner, software architect and developer, Ars Machina Tecnologia da >> Informação Ltda. >> http://www.arsmachina.com.br >> >> - >> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org >> For additional commands, e-mail: users-h...@tapestry.apache.org >> >> > -- Howard M. Lewis Ship Creator of Apache Tapestry The source for Tapestry training, mentoring and support. Contact me to learn how I can get you up and productive in Tapestry fast! (971) 678-5210 http://howardlewisship.com - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
Re: How to decorate a service that has already been decorated ?
Hi I am using decorateXxx because i prefer this way of decorating, but if you suggest to do it with advisors, i'll do it this way. I wil give it a try. Thanks, Christophe 2010/2/2 Thiago H. de Paula Figueiredo > On Tue, 02 Feb 2010 15:40:04 -0200, cordenier christophe < > christophe.corden...@gmail.com> wrote: > > Hi >> > > Hi! > > I am facing this problem by decorating ComponentEventLinkEncoder, the >> result is that my decoration is ignored or it fails with a >> StackOverflowException. >> > > Are you using decoration (decorateXXX methods) or advice (adviseXXX > methods)? > > -- > Thiago H. de Paula Figueiredo > Independent Java, Apache Tapestry 5 and Hibernate consultant, developer, > and instructor > Owner, software architect and developer, Ars Machina Tecnologia da > Informação Ltda. > http://www.arsmachina.com.br > > - > To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org > For additional commands, e-mail: users-h...@tapestry.apache.org > >
Re: How to decorate a service that has already been decorated ?
On Tue, 02 Feb 2010 15:40:04 -0200, cordenier christophe wrote: Hi Hi! I am facing this problem by decorating ComponentEventLinkEncoder, the result is that my decoration is ignored or it fails with a StackOverflowException. Are you using decoration (decorateXXX methods) or advice (adviseXXX methods)? -- Thiago H. de Paula Figueiredo Independent Java, Apache Tapestry 5 and Hibernate consultant, developer, and instructor Owner, software architect and developer, Ars Machina Tecnologia da Informação Ltda. http://www.arsmachina.com.br - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org