Maybe you should look at the tapestry-spring-security plugin
(http://www.localhost.nu/java/tapestry-spring-security/index.html). It
works great and integrating is also not that difficult.
Good thing is that you can both secure by single page or by page folders.
Beware that it is not compatible with 5.1.x yet (works only for 5.0.18).
daniel joyce schrieb:
So I want to use pages with context so that it is easily bookmarkable.
My website uses a DataSourcerealm to determine which pages can be
accessed by a user.
So normal flow is user logs in, first page he gets directed to sets up
the User object as a ASO, other pages use this user.
But if he bookmarks a url with context, say "configureProject/124332",
and he clickes on the bookmark, logs in to tomcat, and gets redirected
to it, the User object may not have been initialized yet. Now
configure project is fine, since it is mostly working with projects.
But I want the user object to exist so that I confirm the user
actually owns it.
Now I could have a basepage, whose onActivate() grabs the auth'd user
string from the Httpsession, runs a query, and either sets up the User
object, or bounces out the login page. And every other page could
inherit from this one, and call super.OnActivate in their onActivate
method.
But I was wondering, is there a service I can write that can examine
the HttpSession, and populate the User object. Is HttpSession
available to services already? IE, can I inject it in the usual method
via my builder?
-Daniel
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
--
manuel aldana
ald...@gmx.de
software-engineering blog: http://www.aldana-online.de
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
