Re: [Tapestry-developer] Web Application Platform

[Joseph Panico]

I think a fairly common solution, to both your problems, is to use the Page.validate() method. This method is intended to allow you to check if the request should have access to the requested page (before any page logic is invoked) and to redirect to another page if the validation (authorisation) failed.

Pixory (www.pixory.org) uses the validate method to protect all sensitive pages (requiring login). We check to see if the Visit associated with the RequestContext has already been logged in. If not, we redirect to the login page. In validate() you could also check with a finer grained controller to mediate page access based on user roles.

regards,

Joseph Panico
[EMAIL PROTECTED]

From: Lennart Benoot <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
CC: [EMAIL PROTECTED]
Subject: [Tapestry-developer] Web Application Platform
Date: Thu, 12 Dec 2002 15:28:10 +0100

Hey All,

I am currently in the process of defining a web application platform to provide web services. We have chosen Tapestry as MVC layer. I have a few problems I haven't been able to resolve (at least not in an elegant way):

1) I want the whole application to be available only for logged in users. We have an existing framework for security. I think when a request comes in, the front controller servlet should check wether the user has logged in. If not, reroute the user to the login page. How do I do this in tapestry?

2) Authorisation is also an important part of the web app platform. I would like to call some java-code whenever a new page is loaded. This code should check wether the user is allowed to access the page. If the user does not have the right permissions, he is rerouted to some other page. What would be a good way to do this?

Thanks in advance,
Lennart



-------------------------------------------------------
This sf.net email is sponsored by:
With Great Power, Comes Great Responsibility Learn to use your power at OSDN's High Performance Computing Channel
http://hpc.devchannel.org/
_______________________________________________
Tapestry-developer mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/tapestry-developer

_________________________________________________________________
Protect your PC - get McAfee.com VirusScan Online http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963



-------------------------------------------------------
This sf.net email is sponsored by:
With Great Power, Comes Great Responsibility Learn to use your power at OSDN's High Performance Computing Channel
http://hpc.devchannel.org/
_______________________________________________
Tapestry-developer mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/tapestry-developer