On Fri, Mar 4, 2011 at 1:49 AM, Magnus Kvalheim <mag...@kvalheim.dk> wrote: > This post is mostly related to tapestry-security, but I hope it's ok to post > here in tapestry mailing list (now that Kalle is a committer and all.. :) ) > So I finally decided to implement tapestry-security. Had a few bumps in the > road, as I will come back to, but all in all I must say it's been a > pleasure.
Thanks for the extensive usage report Magnus! I've used tapestry-security in so many projects now that I now it works well but that said, I do want it to cover *all* security use cases. > 1. Make tapestry-security localization aware > When specifying urls for AccessControlFilters, either in shiro.ini or while > setting applicationDefaults tapestry-security does not seem to honor > localization. > So if I'm in accessing though /en paths - then I'm redirected to a / and > loose the localization info. > I have not been able to solve this yet. Please open a (Tynamo) issue for it and I get to it. > 2. shiro.ini or module configuration - I'm confused > The tapestry-security documentation say you can configure shiro in either > shiro.ini or in module. > I might be wrong here, but it seems that from module you can only configure > redirect urls, and FilterChainDefinitions > through contributeSecurityRequestFilter. You are right, currently shiro.ini is needed for configuring that. I had made a separate jsecurity integration myself and the functionality is available in tapestry-security 0.1.0, but that part is yet to merged into current tapestry-security codebase (which is the result of work from multiple contributors). I think I had even an issue opened for it.. yes this is related: http://jira.codehaus.org/browse/TYNAMO-76 (there's more, but I spare you from the details). > 3. Problems doing logout from tapestry > (I've just found a different post regarding this with subject: "Error after > logout") > I found that when shiro is doing logout it invalidates the session in the > end. You can log out alright, but you just get the ugly stack traces if Tapestry doesn't know about it before hand. Howard by the way fixed that already in T5.3. What you ended up doing is exactly how I've done it in numerous samples we have for tapestry-security. As always, the documentation could be improved... Kalle --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
