How about using the new ComponentMethodAdvice? Sounds like that might be
a good fit.
-Filip
On 2008-05-07 15:20, Robin Helgelin wrote:
On Wed, May 7, 2008 at 1:06 PM, Otho <[EMAIL PROTECTED]> wrote:
Hi Robin,
of the underlying concepts from developers. For example your Todo list still
has the non working method security and the ability to access action
handlers in @Secured classes open. Because of the conventions in method
naming it is not that hard to guess the complete url of some action handlers
and possibly wreak havoc.
Secure methods are working in the latest 1.1.0-SNAPSHOT, and I should
probably release that so more can test it.
However, action handlers is another thing. As I currently extend
TransformConstants.BEGIN_RENDER_SIGNATURE, it breaks action handlers.
But, if I extend CONTAINING_PAGE_DID_ATTACH_SIGNATURE you'll get an
access failure just by linking to a secured page. Perhaps
DISPATCH_COMPONENT_EVENT would work? But there is no matching end
event to that one.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
