My advice... "Roll-your-own" can be okay for simple cases, but home-grown security implementations, even for such "simple" cases, can have subtle security vulnerabilities that a well-tested library like Tapestry-security probably won't. And many "simple" cases evolve into complex ones over time, so spending a few hours putting in a solid security implementation (such as Tapestry-security with Shiro) that can grow with your application usually makes sense.
On Sun, Mar 18, 2012 at 9:30 PM, Taha Hafeez Siddiqi <tawus.tapes...@gmail.com> wrote: > Hi > > On Mar 19, 2012, at 6:50 AM, Paul Stanton wrote: > >> Hi group, >> >> Is it recommended to use a security module such as tynamo's >> tapestry-security when all you require is username/password authentication >> to a couple of pages? >> > > If the project is going to stay at "a couple of pages of authentication", you > can always role your own. > http://tapestryjava.blogspot.in/2009/12/securing-tapestry-pages-with.html. > >> Is there a simpler add-on module? >> > > You have to add dependencies, write a Realm and define the rules. Not more > than 10-15 lines. What can be simpler :) > >> Is 'roll-your-own' a generally accepted practice for a simple implementation? >> > > I did that in a couple of projects but then went back to tapestry-security. > :). > >> Discuss.... >> >> thanks, Paul. >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org >> For additional commands, e-mail: users-h...@tapestry.apache.org >> > > regards > Taha > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
