On 5/3/06, Mike Snare <[EMAIL PROTECTED]> wrote:
Henri, This same issue has been discussed before (search the archives for my name and authentication), but I'll summarize what I've done and how it works -- and how it doesn't work. I've created an authentication interceptor that I attach to all the major engines. It simply checks for an authenticated user and throws a RedirectException to the login page if none is found. It also tells the login page where to go after a login. I have an external configuration file that can be used by a page designer to flag that his/her page should NOT be authenticated. By default, all pages are. The problem is timing. The authenticator gets called before the page is set up, and thus a callback can't be created. (I, too, ran into the PageCallback issue trying to overcome this). There is an enhancement request (TAPESTRY-892) that Jessee is looking at to enable us to force the setup of a page specifically for this reason (and others I haven't thought of). This approach isn't perfect, but depending on how your pages operate, does a good deal of the work for you.
This sounds quite good. I was just thinking that these features would be nice to have directly inside the tapestry framework since I bet that it would suit the needs of 90% of people. I hope to see something happening about your enhancement request because this is also where I'm stuck right now. Is there any chance to see your code and hivemind configuration? Thanks, Henri.
