Re: Best pratice - CRUD Security - Tapestry 4.0

Tue, 16 May 2006 09:09:29 -0700 

I agree that ACEGI fits very nicely with Tapestry. Still, it introduces two
technologies for the team to learn, ACEGI and Spring.
Having chosen hivemind as the IOC container to use for some projects i don't
find the option to also use Spring in the same projects a very good one.
If only there was an ACEGI implementation using hivemind IOC ;o). This is
possible as stated here http://www.acegisecurity.org/standalone.html, it
just needs to be donne.


On 5/16/06, Brian K. Wallace <[EMAIL PROTECTED]> wrote:


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This is where I stick with ACEGI being unobtrusive. Not discounting any
other method of doing it at all, but I found that with ACEGI I add a
hook into "login/logout" pages and there's no other intrusion into my
Tapestry applications outside the configuration file (aka: no
"isUserInRole("...")" of any kind.

Again - one size doesn't fit all - especially with security. Take the
"easiest way for you" as long as it foots the bill and you're usually
alright.

Lothar Reisinger wrote:
> It's Tomcat security in combination with a PageValidateListener that
> solves this problem for me. In each page that needs special security
> there is a call to request.isUserInRole("..."). If the user isn't
> allowed, a PageRedirectException is thrown to redirect to an allowed
> page or to the error page.
>
>
> Carl Pelletier wrote:
>> Hi everyone, I'm currently building a web site and looking for
>> documentations on how-to or best practice of implementing Role
>> security in Tapestry 4.0.
>>
>> It`s a Simple CRUD application and we need to give some security to
>> users.
>> What the best way of doing it? Using the Tomcat security? Creating my
>> own?
>>
>> Thanks for any help!
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>> For additional commands, e-mail: [EMAIL PROTECTED]
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)

iD8DBQFEafOpaCoPKRow/gARAmlQAKDWEShBV8uLehNby76wH8EwdClD5ACfa2qo
B/VWA+BF/eB5K+SddhYAgfA=
=L2q/
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to