RE: Tapestry/Acegi Integration...
Scott,
Thank you for your kind words. No, it's not quite complete. I plan on
adding in ACL support and other stuff. I just wanted to get a "proof of
concept" out there. The AuthenticationManager and the AccessDecisionManager
will be set automatically by HiveMind, by including the hivemind-acegi
module jar file on the classpath. There are certain aspects of the Acegi
support that are not exactly specific to Tapestry, so I abstracted them out
into their own library so that others could use it. The tapernate-example
application uses the Tapestry/Acegi integration. It's available via SVN at:
www.carmanconsulting.com/svn/public/tapernate-example/trunk
You can build it using Maven2 and it will automagically download everything
it needs (including the hivemind-acegi stuff). I need to add in some other
Maven2 repositories into the pom.xml file so that some of the specification
jars (JTA, JPA, etc.) will be downloaded automatically without having to
manually copy stuff into your local repo.
James
-Original Message-
From: Scott Russell [mailto:[EMAIL PROTECTED]
Sent: Saturday, June 17, 2006 11:04 PM
To: users@tapestry.apache.org
Subject: Re: Tapestry/Acegi Integration...
Hi James,
I took a look at the Tapestry-Acegi integration project at
http://www.carmanconsulting.com/tapestry-acegi/ . It looks very nice,
certainly a cleaner integration than what I have used before.
I am just wondering how complete it is. Looking through the code, it appears
that the configuration is incomplete, at least, as much as I can see the
SecurityUtils service-point seems not to have the authenticationManager or
accessDecisionManager properties set.
Do you have any examples for how to use this in one's app, and override or
set
the properties on the service-points like SecurityUtils and
ExceptionTranslationFilter?
regards,
Scott
On Thursday 08 June 2006 12:37, James Carman wrote:
> All,
>
> I have taken a stab at Tapestry/Acegi integration. The Tapernate example
> application now uses Acegi to secure the CreateMessage page (using a
> @Secured("ROLE_USER") annotation). By no means is this the final version.
> I just wanted to get it in front of some folks to see what they thought.
> Enjoy!
>
> James
>
>
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tapestry/Acegi Integration...
Hi James,
I took a look at the Tapestry-Acegi integration project at
http://www.carmanconsulting.com/tapestry-acegi/ . It looks very nice,
certainly a cleaner integration than what I have used before.
I am just wondering how complete it is. Looking through the code, it appears
that the configuration is incomplete, at least, as much as I can see the
SecurityUtils service-point seems not to have the authenticationManager or
accessDecisionManager properties set.
Do you have any examples for how to use this in one's app, and override or set
the properties on the service-points like SecurityUtils and
ExceptionTranslationFilter?
regards,
Scott
On Thursday 08 June 2006 12:37, James Carman wrote:
> All,
>
> I have taken a stab at Tapestry/Acegi integration. The Tapernate example
> application now uses Acegi to secure the CreateMessage page (using a
> @Secured("ROLE_USER") annotation). By no means is this the final version.
> I just wanted to get it in front of some folks to see what they thought.
> Enjoy!
>
> James
>
>
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tapestry/Acegi Integration...
got in with 'anonymous' and 'anon'. -- View this message in context: http://www.nabble.com/Tapestry-Acegi-Integration...-t1752611.html#a4847443 Sent from the Tapestry - User forum at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tapestry/Acegi Integration...
James, I tried getting access to the SVN repository via javaforge using my 'bkbonner' ID, but was unable. It said 'Tapernate project wasn't found' when doing a search. ??? I'm interested in the @Secured component you were discussing. Is this out in SVN? p.s. I see you're on maven ;) Brian -- View this message in context: http://www.nabble.com/Tapestry-Acegi-Integration...-t1752611.html#a4846956 Sent from the Tapestry - User forum at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tapestry/Acegi Integration...
n context (never
null)
*/
protected ApplicationContext getContext(){
return
XWebApplicationContextUtils.getRequiredWebApplicationContext(getWebContext()
);
}
@SuppressWarnings("unchecked")
private Integer[] parseIntegersString(String integersString)
throws NumberFormatException {
final Set integers = new HashSet();
final StringTokenizer tokenizer;
tokenizer = new StringTokenizer(integersString, ",", false);
while (tokenizer.hasMoreTokens()) {
String integer = tokenizer.nextToken();
integers.add(new Integer(integer));
}
return (Integer[]) integers.toArray(new Integer[] {});
}
}
-Original Message-
From: James Carman [mailto:[EMAIL PROTECTED]
Sent: Sunday, June 11, 2006 8:00 PM
To: 'Tapestry users'
Subject: RE: Tapestry/Acegi Integration...
Sounds good! I'll probably call mine Secured, since it will match up with
the @Secured annotation that we use in code. But, I'll probably lean on
some of the work you've done here once I get a chance to read through it.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tapestry/Acegi Integration...
Sounds good! I'll probably call mine Secured, since it will match up with
the @Secured annotation that we use in code. But, I'll probably lean on
some of the work you've done here once I get a chance to read through it.
-Original Message-
From: Jonathan Barker [mailto:[EMAIL PROTECTED]
Sent: Saturday, June 10, 2006 1:03 AM
To: 'Tapestry users'
Subject: RE: Tapestry/Acegi Integration...
Hi,
I've now been lurking for two years. I finally had a project where I could
use Tapestry... and Hibernate, and Spring, and Acegi... So many hills to
climb...
Anyway, I put together an @Authorize component combining code from the
Tapestry @If component and the JSP taglib from Acegi.
As it stands, it behaves exactly as an @If, except that it takes
comma-separated lists of roles as parameters like the Acegi Auuthorize tag.
I also use @Else along with it - it hardly seemed necessary to come up with
a different AuthorizeElse component I'm using it in production, and it
works beautifully. I have also put together an AclAuthorize component for
instance-based security, if you are interested.
I would be happy to see this component included in a properly maintained
library under the Apache license. At this point, I haven't even had a
chance to extract it into a library of my own or get back to it to clean up
the code and comments which include remnants of the taglib.
I haven't tried tapernate yet so I don't know if this is a simple drop-in.
Best regards,
Jonathan Barker
Code:
=
package ca.itstrategic.tls.ptpip.ui.tapestry.components;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import org.acegisecurity.Authentication;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.GrantedAuthorityImpl;
import org.acegisecurity.acl.AclManager;
import org.acegisecurity.context.SecurityContextHolder;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.hivemind.ApplicationRuntimeException;
import org.apache.hivemind.HiveMind;
import org.apache.tapestry.IActionListener;
import org.apache.tapestry.IBinding;
import org.apache.tapestry.IForm;
import org.apache.tapestry.IMarkupWriter;
import org.apache.tapestry.IRequestCycle;
import org.apache.tapestry.Tapestry;
import org.apache.tapestry.TapestryUtils;
import org.apache.tapestry.annotations.ComponentClass;
import org.apache.tapestry.annotations.InjectObject;
import org.apache.tapestry.annotations.Parameter;
import org.apache.tapestry.form.AbstractFormComponent;
import org.apache.tapestry.services.DataSqueezer;
import org.apache.tapestry.web.WebContext;
import org.apache.tapestry.web.WebRequest;
import org.springframework.context.ApplicationContext;
import org.springframework.util.StringUtils;
import diaphragma.tapspr.XWebApplicationContextUtils;
/**
* @author jabarker
* @version $Revision: $
*/
@ComponentClass(allowInformalParameters=true, allowBody=true)
public abstract class Authorize extends AbstractFormComponent {
@Parameter(required=false)
public abstract String getIfAllGranted();
@Parameter(required=false)
public abstract String getIfAnyGranted();
@Parameter(required=false)
public abstract String getIfNotGranted();
/**
* An implementation of {BaseComponent} that allows its
* body through if some authorizations are granted to the request's
principal.
*
*
* Only works with permissions that are subclasses of [EMAIL PROTECTED]
* org.acegisecurity.acl.basic.BasicAclEntry}.
*
*
*
* One or more comma separate integer permissions are specified via
the
* hasPermission attribute. The tag will include its
body if
* any of the integer permissions have been granted to the
current
* Authentication (obtained from the
SecurityContextHolder).
*
*
*
* For this class to operate it must be able to access the
application context
* via the WebApplicationContextUtils and locate an
[EMAIL PROTECTED]
* AclManager}. Application contexts have no need to have more than
one
* AclManager (as a provider-based implementation can
be used so
* that it locates a provider that is authoritative for the given
domain
* object instance), so the first AclManager located
will be
* used.
*
*
* @author Ben Alex
*/
public final static String IF_VALUE_ATTRIBUTE =
"org.mb.tapestry.base.IfValue";
@Parameter(required=false)
public abstract IBinding getConditionValueBinding();
@Parameter(required=false)
public abstract boolean getVolatile();
@Parameter(require
RE: Tapestry/Acegi Integration...
}
/**
* Find the common authorities between the current
authentication's [EMAIL PROTECTED]
* GrantedAuthority} and the ones that have been specified in
the tag's
* ifAny, ifNot or ifAllGranted attributes.
*
*
* We need to manually iterate over both collections, because
the granted
* authorities might not implement [EMAIL PROTECTED]
Object#equals(Object)}
and
* [EMAIL PROTECTED] Object#hashCode()} in the same way as [EMAIL
PROTECTED]
* GrantedAuthorityImpl}, thereby invalidating [EMAIL PROTECTED]
* Collection#retainAll(java.util.Collection)} results.
*
*
*
* CAVEAT: This method will
not work if
* the granted authorities returns a null string as
the
* return value of [EMAIL PROTECTED]
* org.acegisecurity.GrantedAuthority#getAuthority()}.
*
*
*
* Reported by rawdave, on Fri Feb 04, 2005 2:11 pm in the Acegi
Security
* System for Spring forums.
*
*
* @param granted The authorities granted by the authentication.
May be any
*implementation of [EMAIL PROTECTED] GrantedAuthority}
that does
*not return null from
[EMAIL PROTECTED]
*org.acegisecurity.GrantedAuthority#getAuthority()}.
* @param required A [EMAIL PROTECTED] Set} of [EMAIL PROTECTED]
GrantedAuthorityImpl}s that have
*been built using ifAny, ifAll or ifNotGranted.
*
* @return A set containing only the common authorities between
* granted and required.
*
* @see http://forum.springframework.org/viewtopic.php?t=3367";>authz:authorize
* ifNotGranted not behaving as expected
*/
@SuppressWarnings("unchecked")
private Set retainAll(final Collection granted, final Set
required) {
Set grantedRoles = authoritiesToRoles(granted);
Set requiredRoles = authoritiesToRoles(required);
grantedRoles.retainAll(requiredRoles);
return rolesToAuthorities(grantedRoles, granted);
}
@SuppressWarnings("unchecked")
private Set rolesToAuthorities(Set grantedRoles, Collection
granted) {
Set target = new HashSet();
for (Iterator iterator = grantedRoles.iterator();
iterator.hasNext();) {
String role = (String) iterator.next();
for (Iterator grantedIterator = granted.iterator();
grantedIterator.hasNext();) {
GrantedAuthority authority = (GrantedAuthority)
grantedIterator
.next();
if (authority.getAuthority().equals(role)) {
target.add(authority);
break;
}
}
}
return target;
}
//
/**
*
*/
public Authorize() {
super();
// TODO Auto-generated constructor stub
}
/* (non-Javadoc)
* @see org.apache.tapestry.form.AbstractFormComponent#getForm()
*/
@Override
public IForm getForm() {
// TODO Auto-generated method stub
return null;
}
/* (non-Javadoc)
* @see
org.apache.tapestry.form.AbstractFormComponent#setForm(org.apache.tapestry.I
Form)
*/
@Override
public void setForm(IForm arg0) {
// TODO Auto-generated method stub
}
/* (non-Javadoc)
* @see org.apache.tapestry.form.IFormComponent#getDisplayName()
*/
public String getDisplayName() {
// TODO Auto-generated method stub
return null;
}
/* (non-Javadoc)
* @see org.apache.tapestry.form.IFormComponent#getClientId()
*/
public String getClientId() {
// TODO Auto-generated method stub
return null;
}
}
===
Authorize.jwc
http://jakarta.apache.org/tapestry/dtd/Tapestry_4_0.dtd";>
-Original Message-
From: James Carman [mailto:[EMAIL PROTECTED]
Sent: Friday, June 09, 2006 5:49 PM
To: 'Tapestry users'; [EMAIL PROTECTED]
Subject: RE: Tapestry/Acegi Integration...
I was actually thinking of a @Secured component that would conditionally
show its contents only if the user has the required p
RE: Tapestry/Acegi Integration...
}
/**
* Find the common authorities between the current
authentication's [EMAIL PROTECTED]
* GrantedAuthority} and the ones that have been specified in
the tag's
* ifAny, ifNot or ifAllGranted attributes.
*
*
* We need to manually iterate over both collections, because
the granted
* authorities might not implement [EMAIL PROTECTED]
Object#equals(Object)}
and
* [EMAIL PROTECTED] Object#hashCode()} in the same way as [EMAIL
PROTECTED]
* GrantedAuthorityImpl}, thereby invalidating [EMAIL PROTECTED]
* Collection#retainAll(java.util.Collection)} results.
*
*
*
* CAVEAT: This method will
not work if
* the granted authorities returns a null string as
the
* return value of [EMAIL PROTECTED]
* org.acegisecurity.GrantedAuthority#getAuthority()}.
*
*
*
* Reported by rawdave, on Fri Feb 04, 2005 2:11 pm in the Acegi
Security
* System for Spring forums.
*
*
* @param granted The authorities granted by the authentication.
May be any
*implementation of [EMAIL PROTECTED] GrantedAuthority}
that does
*not return null from
[EMAIL PROTECTED]
*org.acegisecurity.GrantedAuthority#getAuthority()}.
* @param required A [EMAIL PROTECTED] Set} of [EMAIL PROTECTED]
GrantedAuthorityImpl}s that have
*been built using ifAny, ifAll or ifNotGranted.
*
* @return A set containing only the common authorities between
* granted and required.
*
* @see http://forum.springframework.org/viewtopic.php?t=3367";>authz:authorize
* ifNotGranted not behaving as expected
*/
@SuppressWarnings("unchecked")
private Set retainAll(final Collection granted, final Set
required) {
Set grantedRoles = authoritiesToRoles(granted);
Set requiredRoles = authoritiesToRoles(required);
grantedRoles.retainAll(requiredRoles);
return rolesToAuthorities(grantedRoles, granted);
}
@SuppressWarnings("unchecked")
private Set rolesToAuthorities(Set grantedRoles, Collection
granted) {
Set target = new HashSet();
for (Iterator iterator = grantedRoles.iterator();
iterator.hasNext();) {
String role = (String) iterator.next();
for (Iterator grantedIterator = granted.iterator();
grantedIterator.hasNext();) {
GrantedAuthority authority = (GrantedAuthority)
grantedIterator
.next();
if (authority.getAuthority().equals(role)) {
target.add(authority);
break;
}
}
}
return target;
}
//
/**
*
*/
public Authorize() {
super();
// TODO Auto-generated constructor stub
}
/* (non-Javadoc)
* @see org.apache.tapestry.form.AbstractFormComponent#getForm()
*/
@Override
public IForm getForm() {
// TODO Auto-generated method stub
return null;
}
/* (non-Javadoc)
* @see
org.apache.tapestry.form.AbstractFormComponent#setForm(org.apache.tapestry.I
Form)
*/
@Override
public void setForm(IForm arg0) {
// TODO Auto-generated method stub
}
/* (non-Javadoc)
* @see org.apache.tapestry.form.IFormComponent#getDisplayName()
*/
public String getDisplayName() {
// TODO Auto-generated method stub
return null;
}
/* (non-Javadoc)
* @see org.apache.tapestry.form.IFormComponent#getClientId()
*/
public String getClientId() {
// TODO Auto-generated method stub
return null;
}
}
===
Authorize.jwc
http://jakarta.apache.org/tapestry/dtd/Tapestry_4_0.dtd";>
-Original Message-
From: James Carman [mailto:[EMAIL PROTECTED]
Sent: Friday, June 09, 2006 5:49 PM
To: 'Tapestry users'; [EMAIL PROTECTED]
Subject: RE: Tapestry/Acegi Integration...
I was actually thinking of a @Secured component that would conditionally
show its contents only if the user has the required p
RE: Tapestry/Acegi Integration...
I was actually thinking of a @Secured component that would conditionally show its contents only if the user has the required permissions. -Original Message- From: Hugo Palma [mailto:[EMAIL PROTECTED] Sent: Friday, June 09, 2006 5:45 PM To: Tapestry users Subject: Re: Tapestry/Acegi Integration... I was just thinking about something that would be really cool. It's a common requirement in some applications that some ui elements are hidden/shown depending on user role. What i'm thinking is that tapestry-acegi could provide the same @Secured annotation for component classes but it would have a different behavior. Instead of simply checking authorization and returning an error it the user doesn't have access permissions, it would show the component if the user had the given role and hide it otherwise. Would this be cool or what ? :o) James Carman wrote: > Form-based authentication is coming soon! :-) It should be quite easy. > > >> Hi, >> a smooth integration of ACEGI into Tapestry is really cool stuff. We >> managed it by using >> the internal org.acegisecurity.util.FilterToBeanProxy and >> FilterChainProxy for authentication >> and partially for authorization (user /not logged in without role check) >> within the web.xml. >> >> Does this mean that it would be possible to just configure the >> filterChainProxy in spring and >> inject this spring bean as a "tapestry filter" in front of Tapestry >> servlet? Or am I completely >> wrong? Unfortunately we don't use basic HTTP authentication but a form >> based authentication >> incobination with an internal SSO solution. >> Gernot >> >> On Friday 09 June 2006 10:49, James Carman wrote: >> >>> Gernot, >>> >>> I plan on making the different login mechanisms more "pluggable" soon. >>> I've >>> got an idea that will make it much easier (making Tapestry support >>> servlet >>> filters as ServletRequestServicerFilters so I don't have to write >>> "adapter" >>> subclasses). Once I get everything running smoothly, I'll release it as >>> a >>> 1.0 (hopefully won't be too long). You can use it now as-is, if all you >>> need is HTTP basic authentication. >>> >>> James >>> >> -- >> Gernot Stocker, >> Institute for Genomics and Bioinformatics(IGB) >> Petersgasse 14, 8010 Graz, Austria >> Tel.: ++43 316 873 5345 >> http://genome.tugraz.at >> >> > > > James Carman, President > Carman Consulting, Inc. > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tapestry/Acegi Integration...
I was just thinking about something that would be really cool. It's a common requirement in some applications that some ui elements are hidden/shown depending on user role. What i'm thinking is that tapestry-acegi could provide the same @Secured annotation for component classes but it would have a different behavior. Instead of simply checking authorization and returning an error it the user doesn't have access permissions, it would show the component if the user had the given role and hide it otherwise. Would this be cool or what ? :o) James Carman wrote: Form-based authentication is coming soon! :-) It should be quite easy. Hi, a smooth integration of ACEGI into Tapestry is really cool stuff. We managed it by using the internal org.acegisecurity.util.FilterToBeanProxy and FilterChainProxy for authentication and partially for authorization (user /not logged in without role check) within the web.xml. Does this mean that it would be possible to just configure the filterChainProxy in spring and inject this spring bean as a "tapestry filter" in front of Tapestry servlet? Or am I completely wrong? Unfortunately we don't use basic HTTP authentication but a form based authentication incobination with an internal SSO solution. Gernot On Friday 09 June 2006 10:49, James Carman wrote: Gernot, I plan on making the different login mechanisms more "pluggable" soon. I've got an idea that will make it much easier (making Tapestry support servlet filters as ServletRequestServicerFilters so I don't have to write "adapter" subclasses). Once I get everything running smoothly, I'll release it as a 1.0 (hopefully won't be too long). You can use it now as-is, if all you need is HTTP basic authentication. James -- Gernot Stocker, Institute for Genomics and Bioinformatics(IGB) Petersgasse 14, 8010 Graz, Austria Tel.: ++43 316 873 5345 http://genome.tugraz.at James Carman, President Carman Consulting, Inc. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tapestry/Acegi Integration...
Or, Acegistry! :-) LOL > On 6/9/06, James Carman <[EMAIL PROTECTED]> wrote: > >> Oh, so you want to directly link to my site? I figured that since we >> will >> already have a link to tapestry-javaforge that folks could get to >> tapernate, tapestry-autowire, tapestry-acegi, etc. from there. I would >> imagine (and I control it) that the URL for the tapestry-acegi project's >> documentation will be www.carmanconsulting.com/tapestry-acegi. > > Why not calling it something like tapacegi or tapegi? > > Sorry couldn't resist :) > > -- > Massimo > http://meridio.blogspot.com > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > James Carman, President Carman Consulting, Inc. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tapestry/Acegi Integration...
On 6/9/06, James Carman <[EMAIL PROTECTED]> wrote: Oh, so you want to directly link to my site? I figured that since we will already have a link to tapestry-javaforge that folks could get to tapernate, tapestry-autowire, tapestry-acegi, etc. from there. I would imagine (and I control it) that the URL for the tapestry-acegi project's documentation will be www.carmanconsulting.com/tapestry-acegi. Why not calling it something like tapacegi or tapegi? Sorry couldn't resist :) -- Massimo http://meridio.blogspot.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tapestry/Acegi Integration...
It's there. So, you can link to both that and Tapernate if you wish. www.carmanconsulting.com/tapernate www.carmanconsulting.com/tapestry-acegi > Well, when you get to it let me know, it's ~very~ easy to make a change > and > quickly deploy the docs now. > > On 6/9/06, James Carman <[EMAIL PROTECTED]> wrote: >> >> Oh, so you want to directly link to my site? I figured that since we >> will >> already have a link to tapestry-javaforge that folks could get to >> tapernate, tapestry-autowire, tapestry-acegi, etc. from there. I would >> imagine (and I control it) that the URL for the tapestry-acegi project's >> documentation will be www.carmanconsulting.com/tapestry-acegi. >> >> >> > I meant linked here: >> > >> > http://tapestry.apache.org/ >> > >> > On 6/9/06, James Carman <[EMAIL PROTECTED]> wrote: >> >> >> >> The tapestry-acegi and tapernate modules are both subprojects of the >> >> tapestry-javaforge project. So, we're already linked in. I need to >> >> update the tapestry-javaforge site in SVN to point to my sites on my >> >> server. >> >> >> >> It won't be difficult to get the documentation written for >> >> tapestry-acegi. >> >> It'll just take a bit of time. >> >> >> >> > If you put up a shell mvn site I'll make sure you get linked in. >> >> > >> >> > On 6/9/06, James Carman <[EMAIL PROTECTED]> wrote: >> >> >> >> >> >> All, >> >> >> >> >> >> The tapernate-example application has been refactored to reflect >> the >> >> >> latest >> >> >> changes in the Tapestry/Acegi integration module. Now, the Acegi >> >> >> support >> >> >> is >> >> >> more "drop-in-able." Here's the only configuration required: >> >> >> >> >> >> > > >> >> >> >> >> >> > >> >> class=" >> >> >> >> com.carmanconsulting.tapernate.example.domain.dao.impl.UserDetailsSer >> >> >> viceImpl"/> >> >> >> >> >> >> >> >> >> >> >> >> This is required because the hivemind.acegi.dao module >> automatically >> >> >> adds >> >> >> the DaoAuthenticationProvider to the authentication providers list >> >> and >> >> >> the >> >> >> DaoAuthenticationProvider requires a UserDetailsService. >> >> >> >> >> >> > configuration-id="hivemind.acegi.AccessDecisionVoters >> "> >> >> >> >> >> >> >> >> >> >> >> >> This is required because Acegi needs at least one "decision >> voter." >> >> >> >> >> >> >> >> >> > /> >> >> >> >> >> >> >> >> >> This isn't exactly required, but suggested. The >> hivemind.acegi.dao >> >> >> module >> >> >> uses a system-wide salt which defaults to "CAFEBABE" (the Java >> class >> >> >> file >> >> >> "magic number"). You should override this. >> >> >> >> >> >> Other than that, it just works (as long as you want BASIC >> >> >> authentication). >> >> >> You can also override the authentication realm name using symbol >> >> >> overrides. >> >> >> >> >> >> James >> >> >> >> >> >> >> >> >> >> >> >> >> - >> >> >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> >> >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> >> >> >> >> >> >> > >> >> > >> >> > -- >> >> > Jesse Kuhnert >> >> > Tacos/Tapestry, team member/developer >> >> > >> >> > Open source based consulting work centered around >> >> > dojo/tapestry/tacos/hivemind. >> >> > >> >> >> >> >> >> James Carman, President >> >> Carman Consulting, Inc. >> >> >> >> >> >> - >> >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> >> >> >> > >> > >> > -- >> > Jesse Kuhnert >> > Tacos/Tapestry, team member/developer >> > >> > Open source based consulting work centered around >> > dojo/tapestry/tacos/hivemind. >> > >> >> >> James Carman, President >> Carman Consulting, Inc. >> >> >> - >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> > > > -- > Jesse Kuhnert > Tacos/Tapestry, team member/developer > > Open source based consulting work centered around > dojo/tapestry/tacos/hivemind. > James Carman, President Carman Consulting, Inc. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tapestry/Acegi Integration...
Well, when you get to it let me know, it's ~very~ easy to make a change and quickly deploy the docs now. On 6/9/06, James Carman <[EMAIL PROTECTED]> wrote: Oh, so you want to directly link to my site? I figured that since we will already have a link to tapestry-javaforge that folks could get to tapernate, tapestry-autowire, tapestry-acegi, etc. from there. I would imagine (and I control it) that the URL for the tapestry-acegi project's documentation will be www.carmanconsulting.com/tapestry-acegi. > I meant linked here: > > http://tapestry.apache.org/ > > On 6/9/06, James Carman <[EMAIL PROTECTED]> wrote: >> >> The tapestry-acegi and tapernate modules are both subprojects of the >> tapestry-javaforge project. So, we're already linked in. I need to >> update the tapestry-javaforge site in SVN to point to my sites on my >> server. >> >> It won't be difficult to get the documentation written for >> tapestry-acegi. >> It'll just take a bit of time. >> >> > If you put up a shell mvn site I'll make sure you get linked in. >> > >> > On 6/9/06, James Carman <[EMAIL PROTECTED]> wrote: >> >> >> >> All, >> >> >> >> The tapernate-example application has been refactored to reflect the >> >> latest >> >> changes in the Tapestry/Acegi integration module. Now, the Acegi >> >> support >> >> is >> >> more "drop-in-able." Here's the only configuration required: >> >> >> >> >> >> >> >> > >> class=" >> >> com.carmanconsulting.tapernate.example.domain.dao.impl.UserDetailsSer >> >> viceImpl"/> >> >> >> >> >> >> >> >> This is required because the hivemind.acegi.dao module automatically >> >> adds >> >> the DaoAuthenticationProvider to the authentication providers list >> and >> >> the >> >> DaoAuthenticationProvider requires a UserDetailsService. >> >> >> >> >> >> >> >> >> >> >> >> This is required because Acegi needs at least one "decision voter." >> >> >> >> >> >> >> >> >> >> >> >> This isn't exactly required, but suggested. The hivemind.acegi.dao >> >> module >> >> uses a system-wide salt which defaults to "CAFEBABE" (the Java class >> >> file >> >> "magic number"). You should override this. >> >> >> >> Other than that, it just works (as long as you want BASIC >> >> authentication). >> >> You can also override the authentication realm name using symbol >> >> overrides. >> >> >> >> James >> >> >> >> >> >> >> >> - >> >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> >> >> >> > >> > >> > -- >> > Jesse Kuhnert >> > Tacos/Tapestry, team member/developer >> > >> > Open source based consulting work centered around >> > dojo/tapestry/tacos/hivemind. >> > >> >> >> James Carman, President >> Carman Consulting, Inc. >> >> >> - >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> > > > -- > Jesse Kuhnert > Tacos/Tapestry, team member/developer > > Open source based consulting work centered around > dojo/tapestry/tacos/hivemind. > James Carman, President Carman Consulting, Inc. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Jesse Kuhnert Tacos/Tapestry, team member/developer Open source based consulting work centered around dojo/tapestry/tacos/hivemind.
Re: Tapestry/Acegi Integration...
Oh, so you want to directly link to my site? I figured that since we will already have a link to tapestry-javaforge that folks could get to tapernate, tapestry-autowire, tapestry-acegi, etc. from there. I would imagine (and I control it) that the URL for the tapestry-acegi project's documentation will be www.carmanconsulting.com/tapestry-acegi. > I meant linked here: > > http://tapestry.apache.org/ > > On 6/9/06, James Carman <[EMAIL PROTECTED]> wrote: >> >> The tapestry-acegi and tapernate modules are both subprojects of the >> tapestry-javaforge project. So, we're already linked in. I need to >> update the tapestry-javaforge site in SVN to point to my sites on my >> server. >> >> It won't be difficult to get the documentation written for >> tapestry-acegi. >> It'll just take a bit of time. >> >> > If you put up a shell mvn site I'll make sure you get linked in. >> > >> > On 6/9/06, James Carman <[EMAIL PROTECTED]> wrote: >> >> >> >> All, >> >> >> >> The tapernate-example application has been refactored to reflect the >> >> latest >> >> changes in the Tapestry/Acegi integration module. Now, the Acegi >> >> support >> >> is >> >> more "drop-in-able." Here's the only configuration required: >> >> >> >> >> >> >> >> > >> class=" >> >> com.carmanconsulting.tapernate.example.domain.dao.impl.UserDetailsSer >> >> viceImpl"/> >> >> >> >> >> >> >> >> This is required because the hivemind.acegi.dao module automatically >> >> adds >> >> the DaoAuthenticationProvider to the authentication providers list >> and >> >> the >> >> DaoAuthenticationProvider requires a UserDetailsService. >> >> >> >> >> >> >> >> >> >> >> >> This is required because Acegi needs at least one "decision voter." >> >> >> >> >> >> >> >> >> >> >> >> This isn't exactly required, but suggested. The hivemind.acegi.dao >> >> module >> >> uses a system-wide salt which defaults to "CAFEBABE" (the Java class >> >> file >> >> "magic number"). You should override this. >> >> >> >> Other than that, it just works (as long as you want BASIC >> >> authentication). >> >> You can also override the authentication realm name using symbol >> >> overrides. >> >> >> >> James >> >> >> >> >> >> >> >> - >> >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> >> >> >> > >> > >> > -- >> > Jesse Kuhnert >> > Tacos/Tapestry, team member/developer >> > >> > Open source based consulting work centered around >> > dojo/tapestry/tacos/hivemind. >> > >> >> >> James Carman, President >> Carman Consulting, Inc. >> >> >> - >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> > > > -- > Jesse Kuhnert > Tacos/Tapestry, team member/developer > > Open source based consulting work centered around > dojo/tapestry/tacos/hivemind. > James Carman, President Carman Consulting, Inc. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tapestry/Acegi Integration...
I meant linked here: http://tapestry.apache.org/ On 6/9/06, James Carman <[EMAIL PROTECTED]> wrote: The tapestry-acegi and tapernate modules are both subprojects of the tapestry-javaforge project. So, we're already linked in. I need to update the tapestry-javaforge site in SVN to point to my sites on my server. It won't be difficult to get the documentation written for tapestry-acegi. It'll just take a bit of time. > If you put up a shell mvn site I'll make sure you get linked in. > > On 6/9/06, James Carman <[EMAIL PROTECTED]> wrote: >> >> All, >> >> The tapernate-example application has been refactored to reflect the >> latest >> changes in the Tapestry/Acegi integration module. Now, the Acegi >> support >> is >> more "drop-in-able." Here's the only configuration required: >> >> >> >> > class=" >> com.carmanconsulting.tapernate.example.domain.dao.impl.UserDetailsSer >> viceImpl"/> >> >> >> >> This is required because the hivemind.acegi.dao module automatically >> adds >> the DaoAuthenticationProvider to the authentication providers list and >> the >> DaoAuthenticationProvider requires a UserDetailsService. >> >> >> >> >> >> This is required because Acegi needs at least one "decision voter." >> >> >> >> >> >> This isn't exactly required, but suggested. The hivemind.acegi.dao >> module >> uses a system-wide salt which defaults to "CAFEBABE" (the Java class >> file >> "magic number"). You should override this. >> >> Other than that, it just works (as long as you want BASIC >> authentication). >> You can also override the authentication realm name using symbol >> overrides. >> >> James >> >> >> >> - >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> > > > -- > Jesse Kuhnert > Tacos/Tapestry, team member/developer > > Open source based consulting work centered around > dojo/tapestry/tacos/hivemind. > James Carman, President Carman Consulting, Inc. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Jesse Kuhnert Tacos/Tapestry, team member/developer Open source based consulting work centered around dojo/tapestry/tacos/hivemind.
Re: Tapestry/Acegi Integration...
The tapestry-acegi and tapernate modules are both subprojects of the tapestry-javaforge project. So, we're already linked in. I need to update the tapestry-javaforge site in SVN to point to my sites on my server. It won't be difficult to get the documentation written for tapestry-acegi. It'll just take a bit of time. > If you put up a shell mvn site I'll make sure you get linked in. > > On 6/9/06, James Carman <[EMAIL PROTECTED]> wrote: >> >> All, >> >> The tapernate-example application has been refactored to reflect the >> latest >> changes in the Tapestry/Acegi integration module. Now, the Acegi >> support >> is >> more "drop-in-able." Here's the only configuration required: >> >> >> >> > class=" >> com.carmanconsulting.tapernate.example.domain.dao.impl.UserDetailsSer >> viceImpl"/> >> >> >> >> This is required because the hivemind.acegi.dao module automatically >> adds >> the DaoAuthenticationProvider to the authentication providers list and >> the >> DaoAuthenticationProvider requires a UserDetailsService. >> >> >> >> >> >> This is required because Acegi needs at least one "decision voter." >> >> >> >> >> >> This isn't exactly required, but suggested. The hivemind.acegi.dao >> module >> uses a system-wide salt which defaults to "CAFEBABE" (the Java class >> file >> "magic number"). You should override this. >> >> Other than that, it just works (as long as you want BASIC >> authentication). >> You can also override the authentication realm name using symbol >> overrides. >> >> James >> >> >> >> - >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> > > > -- > Jesse Kuhnert > Tacos/Tapestry, team member/developer > > Open source based consulting work centered around > dojo/tapestry/tacos/hivemind. > James Carman, President Carman Consulting, Inc. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tapestry/Acegi Integration...
If you put up a shell mvn site I'll make sure you get linked in. On 6/9/06, James Carman <[EMAIL PROTECTED]> wrote: All, The tapernate-example application has been refactored to reflect the latest changes in the Tapestry/Acegi integration module. Now, the Acegi support is more "drop-in-able." Here's the only configuration required: This is required because the hivemind.acegi.dao module automatically adds the DaoAuthenticationProvider to the authentication providers list and the DaoAuthenticationProvider requires a UserDetailsService. This is required because Acegi needs at least one "decision voter." This isn't exactly required, but suggested. The hivemind.acegi.dao module uses a system-wide salt which defaults to "CAFEBABE" (the Java class file "magic number"). You should override this. Other than that, it just works (as long as you want BASIC authentication). You can also override the authentication realm name using symbol overrides. James - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Jesse Kuhnert Tacos/Tapestry, team member/developer Open source based consulting work centered around dojo/tapestry/tacos/hivemind.
Re: Tapestry/Acegi Integration...
Form-based authentication is coming soon! :-) It should be quite easy. > Hi, > a smooth integration of ACEGI into Tapestry is really cool stuff. We > managed it by using > the internal org.acegisecurity.util.FilterToBeanProxy and > FilterChainProxy for authentication > and partially for authorization (user /not logged in without role check) > within the web.xml. > > Does this mean that it would be possible to just configure the > filterChainProxy in spring and > inject this spring bean as a "tapestry filter" in front of Tapestry > servlet? Or am I completely > wrong? Unfortunately we don't use basic HTTP authentication but a form > based authentication > incobination with an internal SSO solution. > Gernot > > On Friday 09 June 2006 10:49, James Carman wrote: >> Gernot, >> >> I plan on making the different login mechanisms more "pluggable" soon. >> I've >> got an idea that will make it much easier (making Tapestry support >> servlet >> filters as ServletRequestServicerFilters so I don't have to write >> "adapter" >> subclasses). Once I get everything running smoothly, I'll release it as >> a >> 1.0 (hopefully won't be too long). You can use it now as-is, if all you >> need is HTTP basic authentication. >> >> James > -- > Gernot Stocker, > Institute for Genomics and Bioinformatics(IGB) > Petersgasse 14, 8010 Graz, Austria > Tel.: ++43 316 873 5345 > http://genome.tugraz.at > James Carman, President Carman Consulting, Inc. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tapestry/Acegi Integration...
Hi, a smooth integration of ACEGI into Tapestry is really cool stuff. We managed it by using the internal org.acegisecurity.util.FilterToBeanProxy and FilterChainProxy for authentication and partially for authorization (user /not logged in without role check) within the web.xml. Does this mean that it would be possible to just configure the filterChainProxy in spring and inject this spring bean as a "tapestry filter" in front of Tapestry servlet? Or am I completely wrong? Unfortunately we don't use basic HTTP authentication but a form based authentication incobination with an internal SSO solution. Gernot On Friday 09 June 2006 10:49, James Carman wrote: > Gernot, > > I plan on making the different login mechanisms more "pluggable" soon. I've > got an idea that will make it much easier (making Tapestry support servlet > filters as ServletRequestServicerFilters so I don't have to write "adapter" > subclasses). Once I get everything running smoothly, I'll release it as a > 1.0 (hopefully won't be too long). You can use it now as-is, if all you > need is HTTP basic authentication. > > James -- Gernot Stocker, Institute for Genomics and Bioinformatics(IGB) Petersgasse 14, 8010 Graz, Austria Tel.: ++43 316 873 5345 http://genome.tugraz.at pgppw87buhZ4T.pgp Description: PGP signature
RE: Tapestry/Acegi Integration...
Gernot,
I plan on making the different login mechanisms more "pluggable" soon. I've
got an idea that will make it much easier (making Tapestry support servlet
filters as ServletRequestServicerFilters so I don't have to write "adapter"
subclasses). Once I get everything running smoothly, I'll release it as a
1.0 (hopefully won't be too long). You can use it now as-is, if all you
need is HTTP basic authentication.
James
-Original Message-
From: Gernot Stocker [mailto:[EMAIL PROTECTED]
Sent: Friday, June 09, 2006 4:11 AM
To: Tapestry users
Subject: Re: Tapestry/Acegi Integration...
Hi,
this sounds really great! Is there already a released jar file around which
can
be just plugged in ;-) ?
I have a Tap/Spring webapplication in which ACEGI is already securing my
service facade in the backend. A proper integration into the web ui would be
the next thing to do. Any plans for releasing the code may be as a beta?
Thanks,
Gernot
On Friday 09 June 2006 01:34, James Carman wrote:
> All,
>
> Now, Acegi secured methods are supported. So, if you have a listener
method
> (taken from the tapernate example):
>
> @Secured("ROLE_EDIT")
> public void editMessage( Message message )
> {
> // Blah blah
> }
>
> The tapernate-acegi module will perform a security check prior to
executing
> the editMessage() method to make sure that the currently authenticated
user
> has the role "ROLE_EDIT". As before, you can place a @Secured annotation
on
> a page class and it will also be secured using a PageValidateListener
which
> checks for the appropriate role.
>
> Enjoy!
>
> James
>
> -Original Message-----
> From: James Carman [mailto:[EMAIL PROTECTED]
> Sent: Thursday, June 08, 2006 10:26 AM
> To: 'Tapestry users'
> Subject: RE: Tapestry/Acegi Integration...
>
> Oh, to login to the example application, you use tapernate/tapernate.
>
>
> -Original Message-
> From: James Carman [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, June 07, 2006 10:38 PM
> To: 'Tapestry users'
> Subject: Tapestry/Acegi Integration...
>
> All,
>
> I have taken a stab at Tapestry/Acegi integration. The Tapernate example
> application now uses Acegi to secure the CreateMessage page (using a
> @Secured("ROLE_USER") annotation). By no means is this the final version.
> I just wanted to get it in front of some folks to see what they thought.
> Enjoy!
>
> James
>
>
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
--
Gernot Stocker,
Institute for Genomics and Bioinformatics(IGB)
Petersgasse 14, 8010 Graz, Austria
Tel.: ++43 316 873 5345
http://genome.tugraz.at
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tapestry/Acegi Integration...
On 09. Jun 2006 - 10:11:15, Gernot Stocker wrote: | Hi, | this sounds really great! Is there already a released jar file around which can | be just plugged in ;-) ? At the moment you have to download the whole .war archive from www.carmanconsulting.com/mvn/com/carmanconsulting/tapernate-example/0.1 and pick the needed jars from WEB-INF/lib manually. I've already requested the jars to be released seperately from the tapernate-example -> James is informed ;) HTH, Andreas - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tapestry/Acegi Integration...
Hi,
this sounds really great! Is there already a released jar file around which can
be just plugged in ;-) ?
I have a Tap/Spring webapplication in which ACEGI is already securing my
service facade in the backend. A proper integration into the web ui would be
the next thing to do. Any plans for releasing the code may be as a beta?
Thanks,
Gernot
On Friday 09 June 2006 01:34, James Carman wrote:
> All,
>
> Now, Acegi secured methods are supported. So, if you have a listener method
> (taken from the tapernate example):
>
> @Secured("ROLE_EDIT")
> public void editMessage( Message message )
> {
> // Blah blah
> }
>
> The tapernate-acegi module will perform a security check prior to executing
> the editMessage() method to make sure that the currently authenticated user
> has the role "ROLE_EDIT". As before, you can place a @Secured annotation on
> a page class and it will also be secured using a PageValidateListener which
> checks for the appropriate role.
>
> Enjoy!
>
> James
>
> -Original Message-
> From: James Carman [mailto:[EMAIL PROTECTED]
> Sent: Thursday, June 08, 2006 10:26 AM
> To: 'Tapestry users'
> Subject: RE: Tapestry/Acegi Integration...
>
> Oh, to login to the example application, you use tapernate/tapernate.
>
>
> -Original Message-
> From: James Carman [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, June 07, 2006 10:38 PM
> To: 'Tapestry users'
> Subject: Tapestry/Acegi Integration...
>
> All,
>
> I have taken a stab at Tapestry/Acegi integration. The Tapernate example
> application now uses Acegi to secure the CreateMessage page (using a
> @Secured("ROLE_USER") annotation). By no means is this the final version.
> I just wanted to get it in front of some folks to see what they thought.
> Enjoy!
>
> James
>
>
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
--
Gernot Stocker,
Institute for Genomics and Bioinformatics(IGB)
Petersgasse 14, 8010 Graz, Austria
Tel.: ++43 316 873 5345
http://genome.tugraz.at
pgpV1atzdtp5I.pgp
Description: PGP signature
RE: Tapestry/Acegi Integration...
All,
Now, Acegi secured methods are supported. So, if you have a listener method
(taken from the tapernate example):
@Secured("ROLE_EDIT")
public void editMessage( Message message )
{
// Blah blah
}
The tapernate-acegi module will perform a security check prior to executing
the editMessage() method to make sure that the currently authenticated user
has the role "ROLE_EDIT". As before, you can place a @Secured annotation on
a page class and it will also be secured using a PageValidateListener which
checks for the appropriate role.
Enjoy!
James
-Original Message-
From: James Carman [mailto:[EMAIL PROTECTED]
Sent: Thursday, June 08, 2006 10:26 AM
To: 'Tapestry users'
Subject: RE: Tapestry/Acegi Integration...
Oh, to login to the example application, you use tapernate/tapernate.
-Original Message-
From: James Carman [mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 07, 2006 10:38 PM
To: 'Tapestry users'
Subject: Tapestry/Acegi Integration...
All,
I have taken a stab at Tapestry/Acegi integration. The Tapernate example
application now uses Acegi to secure the CreateMessage page (using a
@Secured("ROLE_USER") annotation). By no means is this the final version.
I just wanted to get it in front of some folks to see what they thought.
Enjoy!
James
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tapestry/Acegi Integration...
Oh, to login to the example application, you use tapernate/tapernate.
-Original Message-
From: James Carman [mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 07, 2006 10:38 PM
To: 'Tapestry users'
Subject: Tapestry/Acegi Integration...
All,
I have taken a stab at Tapestry/Acegi integration. The Tapernate example
application now uses Acegi to secure the CreateMessage page (using a
@Secured("ROLE_USER") annotation). By no means is this the final version.
I just wanted to get it in front of some folks to see what they thought.
Enjoy!
James
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
RE: Tapestry/Acegi Integration...
There are a few modules involved, all at JavaForge. The hivemind-acegi and
hivemind-acegi-dao are located in the hivemind project. The tapestry-acegi
module is located in the tapestry project. The SVN URLs are as follows:
http://svn.javaforge.com/svn/hivemind/hivemind-acegi/trunk
http://svn.javaforge.com/svn/hivemind/hivemind-acegi-dao/trunk
http://svn.javaforge.com/svn/tapestry/tapestry-acegi/trunk
You can login using anonymous/anon.
-Original Message-
From: Henri Dupre [mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 07, 2006 11:04 PM
To: Tapestry users
Subject: Re: Tapestry/Acegi Integration...
That's fantastic! Where's the code?
On 6/7/06, James Carman <[EMAIL PROTECTED]> wrote:
>
> All,
>
> I have taken a stab at Tapestry/Acegi integration. The Tapernate example
> application now uses Acegi to secure the CreateMessage page (using a
> @Secured("ROLE_USER") annotation). By no means is this the final version.
> I just wanted to get it in front of some folks to see what they thought.
> Enjoy!
>
> James
>
>
>
> --
> Thanks,
>
> Henri.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tapestry/Acegi Integration...
That's fantastic! Where's the code?
On 6/7/06, James Carman <[EMAIL PROTECTED]> wrote:
All,
I have taken a stab at Tapestry/Acegi integration. The Tapernate example
application now uses Acegi to secure the CreateMessage page (using a
@Secured("ROLE_USER") annotation). By no means is this the final version.
I just wanted to get it in front of some folks to see what they thought.
Enjoy!
James
--
Thanks,
Henri.
