Borut,
Sorry. I don't have this in a library yet - the applications I've been
working on lately have rather flat security requirements so I haven't
extracted this out into a library.
Here's a little snippet out of the menu section of my Border component for
sample usage:
<li>
<a href="" jwcid="@PageLink" page="CalendarMonthViewList"
disabled="ognl:page.pageName.equals('CalendarMonthViewList') ||
!(page.focusFranchiseExists)">Month Calendar</a>
</li>
<span jwcid="@Authorize" ifAnyGranted="ROLE_ADMIN,ROLE_SUPERVISOR,ROLE_CSR">
<li>
<a href="" jwcid="@PageLink" page="AgentConsole"
disabled="ognl:page.pageName.equals('AgentConsole')">Agent Console</a>
</li>
</span>
<span jwcid="@Authorize"
ifAnyGranted="ROLE_ADMIN,ROLE_SUPERVISOR,ROLE_CSR,ROLE_FRANCHISEE">
<span jwcid="@If" condition="ognl:page.focusFranchiseExists">
<li><a href="" jwcid="@ExternalLink" page="EstimateEdit"
parameters="ognl:{null,page.focusFranchise.id}"
disabled="ognl:page.pageName.equals('EstimateEdit')">New Estimate</a>
</li>
</span>
</span>
I could have cleaned this up by getting rid of a few <span> tags and
specifying the "element" property for the @Authorize component. (Remember,
it really does behave like an "If" - you can even use the Else with it.)
The hard part I found was the Spring side of my plumbing - I jumped into the
deep end implementing org.acegisecurity.userdetails.UserDetailsService. I
also have a rather hacked-up way of doing my authentication borrowing from
EWDT.
If you can start out getting things working as described in the Wiki, and
then incorporate my stuff that's what I would suggest.
Basically, once you have a SecurityContextHolder containing your
SecurityContext, things get much easier.
Jonathan
> -----Original Message-----
> From: Borut BolĨina [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, February 28, 2007 3:43 AM
> To: Tapestry users
> Subject: Re: Role based security
>
> Hello Jonathan,
>
> I found
> http://mail-archives.apache.org/mod_mbox/tapestry-
> users/200606.mbox/[EMAIL PROTECTED]
>
> I will have to study the code, as my T4 mileage is short. You don't happen
> to have a component library set up with some examples would you?
>
> Thanks,
> Borut
>
>
> 2007/2/27, Jonathan Barker <[EMAIL PROTECTED]>:
> >
> > Mark,
> >
> > Do a Google search using the search string:
> >
> > site:http://mail-archives.apache.org/mod_mbox "Jonathan Barker"
> >
> > I posted some information and code in June 2006 about creating
> @Authorize
> > and @AclAuthorize based on the code for the tapestry @If component, and
> > the
> > Authorize and AclAuthorize JSP taglibs.
> >
> > I've had this in production since last May and it's been working
> > beautifully.
> >
> > Jonathan
> >
> >
> >
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
