Hi, I'm using Tapestry 5.1 with Tapestry Spring Security 2.1.0 and I've noticied a strange behaviour :
I've annoted my class to require the user to be logged : @org.springframework.security.annotation.Secured("ROLE_USER") public class TestPage { @Inject private Logger log; public Object onActivate() throws MalformedURLException { log.error("Activate"); } } But even if the user is not logged in, the onActivate is called. 17/05/2010 16:08:50 ERROR tapestry.pages.TestPage - Activate tapestry.render.tapestry.pages.TestPage - Render queue error in BeginRender[TestPage]: Accès refusé org.apache.tapestry5.ioc.internal.util.TapestryException: Accès refusé $ curl -v http://localhost:8080/testpage * About to connect() to localhost port 8080 (#0) * Trying ::1... connected * Connected to localhost (::1) port 8080 (#0) > GET /testpage HTTP/1.1 > User-Agent: curl/7.19.5 (x86_64-pc-linux-gnu) libcurl/7.19.5 OpenSSL/0.9.8g zlib/1.2.3.3 libidn/1.15 > Host: localhost:8080 > Accept: */* > < HTTP/1.1 302 Found < Expires: Thu, 01 Jan 1970 00:00:00 GMT < Set-Cookie: JSESSIONID=n245s03f9faj;Path=/ < Location: http://localhost:8080/login/please;jsessionid=n245s03f9faj < Content-Length: 0 < Server: Jetty(6.1.9) < * Connection #0 to host localhost left intact * Closing connection #0 If I add the @Secured annotation to the onActivate, it works as expected. The onActivate is not called. Is this a normal behavior ? Thanks. Nicolas. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org