Firstly I just want to say Tapestry 5 is amazing, Tapestry 4 was very good but Tapestry 5 is outstanding. One thing I haven't figured out how to do the Tapestry 5 way is controlling page access.
On many sites I write there is often a need to password protect a large number of pages. The way I usually do it in Tapestry 4 was to put an object in the application state once the user logged in. Then every restricted page was a sub class of my RestrictedPage class. The RestrictedPage class was a subclass of Page, which when activated check the existence of the Application Sate Object. If the user wasn't logged in there was no application state object they weren't logged in. I have been trying to do a similar thing in Tapestry 5, my first problem was that I couldn't get all of the annotations and special methods (like onActivate) to work if declared in the base class RestrictedPage. The same code worked fine in the actual page class, however I don't really want a big chunk of identical code in every class of a restricted page, as that would make future changes to the login system difficult. I assume its a feature rather than a bug that these annotations and special methods don't work if defined in the base class. I was looking at various solutions to this and found the Tapestry 5 acegi library, http://www.localhost.nu/java/tapestry5-acegi/ It has a really nice secured annotation to do a similar thing e.g. @Secured("ROLE_ADMIN") public class AdminPage { } I was wondering how this worked. I am assuming its through some sort of T5 service. I was looking at the documentation on the T5 site, although I can't figure how to do something like that. I also had a look at the Tapestry 5 acegi library. But not knowing acegi, its hard to see how this works in the source. I was wondering if someone could tell me the basic principle of what I need to write or implement to be able to hook in the to the page loading procedure from just an annotation. Charlie M --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
