Hello Mark,
Mark Stang wrote:
Ignore the Mediator class it is one of ours. The real logic is in the else.
We store user and role in the visit and check when needed.
hth,
sorry, but it doesn't. I am looking for a more general solution - if at
all exists. I wish to lay grounds for security in my Tapestry app beyond
those described in Kent's book EWDT, Tapestry 101 or Beginning POJOS
(Novice to Professional). Imagine a portal with several portlets. Each
of the portlet is visible and/or editable only to some roles. In a
portal server such as Liferay or JBoss Portal you can do this by
assigning certain rights to portlets. I don't want to make a portal(!),
but I want to have blocks of code on a Tapestry page protected with a
pluggable authorization/authentication mechanism (memory based, LDAP,
JDBC, maybe even Active Directory).
Cheers,
Borut
Mark
Mark J. Stang
Senior Engineer/Architect
office: +1 303.468.2900
mobile: +1 303.507.2833
Ping Identity
-----Original Message-----
From: Borut Bolcina [mailto:[EMAIL PROTECTED]
Sent: Tue 2/27/2007 7:08 AM
To: Tapestry users
Subject: Role based security
Hello list,
I was wondering if there is a better way of securing page components
than using @If components (example from VirtualLibrary for Tapestry
v4.0, Border.html)
<span jwcid="@If" condition="ognl:admin">
<tr>
<td rowspan="1" colspan="1" width="178" height="19"><img
src="/vlib/images/nav/nav_6x1.png" width="178" height="19" border="0"
alt="Admin"/></td>
</tr>
...
</span>
<span jwcid="@If" condition="ognl:loggedIn">
<tr>
<td rowspan="1" colspan="1" width="178" height="29"><a href="#"
jwcid="logout"><img jwcid="logoutRollover"
src="/vlib/images/nav/nav_10x1.png" width="178" height="29" border="0"
alt="Logout"/></a></td>
</tr>
</span>
<span jwcid="@If" condition="ognl:!loggedIn">
<tr>
<td rowspan="1" colspan="1" width="178" height="29"><a href="#"
jwcid="login"><img jwcid="loginRollover"
src="/vlib/images/nav/nav_10x1.png" width="178" height="29" border="0"
alt="Login"/></a></td>
</tr>
</span>
I read all I could find on the list about acegi and a wiki entries
starting at http://wiki.apache.org/tapestry/AcegiSpringJava5, but none
of the texts mention or suggests something like
<span jwcid="@Secured" role="acegi:{ROLE_USER, ROLE_ADMIN}">
<tr>
<td rowspan="1" colspan="1" width="178" height="19"><img
src="/vlib/images/nav/nav_6x1.png" width="178" height="19" border="0"
alt="Admin"/></td>
</tr>
...
</span>
How about creating such component? How do you guys do it?
Cheers,
Borut
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]