Thiago, what would be the proper render event to decorate for access security checks (if not @SetupRender) if the page is annotated as @Secured ?
Nicolas, although it certainly is annoying, can you annotate the page w/ @Secured, and in the cases where you have onActivate, annotate them as well ? It certainly isn't ideal (or clean), but can that work for your use case for now ? Regards, Alex Kotchnev On Mon, May 17, 2010 at 12:40 PM, Thiago H. de Paula Figueiredo < thiag...@gmail.com> wrote: > On Mon, 17 May 2010 11:12:48 -0300, Nicolas Bouillon <nico...@bouil.org> > wrote: > > Hi, >> > > Hi! > > I'm using Tapestry 5.1 with Tapestry Spring Security 2.1.0 and I've >> noticied a strange behaviour : >> But even if the user is not logged in, the onActivate is called. >> > > As far as I can remember, TSS checks the @Secured in page classes > annotation by decorating the @SetupRender render event, which is triggered > after the activate event. That's exactly why I left TSS and started working > on a security package of my own. > > -- > Thiago H. de Paula Figueiredo > Independent Java, Apache Tapestry 5 and Hibernate consultant, developer, > and instructor > Owner, Ars Machina Tecnologia da Informação Ltda. > http://www.arsmachina.com.br > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org > For additional commands, e-mail: users-h...@tapestry.apache.org > >
