My old solution which worked fine with the little glitch I described in my
last post. The problem might be in the session.invalidate();
@Inject
private Request request;
@Inject
private Response response;
@Property
private String username;
@Property
private String password;
@Component(id = "loginForm")
private Form loginForm;
Object onValidate.....
void onSuccessFromLoginForm() throws IOException
{
request.getSession(false).invalidate();
StringBuffer path = new StringBuffer(request.getContextPath())
.append(Constants.J_SPRING_SECURITY_CHECK)
.append("?")
.append(Constants.J_USERNAME).append("=").append(username)
.append("&")
.append(Constants.J_PASSWORD).append("=").append(password);
response.sendRedirect(path.toString());
}
public class Constants
{
public static final String J_USERNAME = "j_username";
public static final String J_PASSWORD = "j_password";
public static final String J_SPRING_SECURITY_CHECK =
"/j_spring_security_check";
public static final String J_SPRING_SECURITY_LOGOUT =
"/j_spring_security_logout";
}
2009/3/27 Borut Bolčina <[email protected]>
> I am using tapestry-spring-security. It works ok, but I am trying to
> spice up the login form with captcha if user has failed to login 5
> times (like google account).
>
> The form uses action="${loginCheckUrl}" method="POST" and is a regular
> html form (not t:form). But I need it to be t:form to put some
> validation logic into onValidate method and later on in onSuccess
> method a forward to /j_spring_security_check.
>
> But forwarding with
> requestDispatcher.forward(requestGlobals.getHTTPServletRequest(),
> requestGlobals.getHTTPServletResponse());
>
> causes an exception.
>
> There must be a solution?!
>
> -Borut
>
>
> 2009/3/27 Peter Lundberg <[email protected]>:
> > Jean Luc...
> >
> > Did you have a look at tapestry-spring-security? The repositry is at
> >
> http://www.localhost.nu/java/mvn/nu/localhost/tapestry/tapestry-spring-secur
> > ity/ but the project site seams to be down. It is rough on the edges, but
> > works well and is not to hard to understand the code.
> >
> > It would be great if this got into more mainstream somewhere so it is
> easy
> > to add robust authorization to the applications we build almost all
> have
> > it and will sooner or later need the things that spring-security provide.
> >
> > Appfuse also has an integration you could look at if you have not done so
> > already. http://code.google.com/p/tapestry5-appfuse/
> >
> > Excuse me if this was covered already in the thread.
> >
> > Br
> > Peter
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [email protected]
> For additional commands, e-mail: [email protected]
>
>
