Yes, this is the "normal" way, another way is to make a tapestry form, f.e.: <t:form> <t:textfield value="username" /> <t:passwordfield value="password" /> <t:submit /> </t:form>
and in OnSuccess event something like: @inject AuthenticationManager authenticationManager; void onSuccess() { Authentication authentication = new UsernamePasswordAuthenticationToken(username, password); Authentication authResult = authenticationManager.authenticate(authentication); SecurityContextHolder.getContext().setAuthentication(authResult); } this code throws an AuthenticationException if authentication fails. Eugen 2014-07-15 19:09 GMT+02:00 TNO <tno...@free.fr>: > Thanks, but > > This is a form with an action value > > <form id="formLogin" action="/j_spring_security_check" method="POST" > class="line"> > > This is not a tapestry form (t:form), I don't think I can use the onSuccess > > Thomas > > Le 15/07/2014 18:49, Eugen a écrit : > > Hi, >> You can login programatically in onSucces function of a tapestry form. >> Best regards >> Eugen >> Am 15.07.2014 16:16 schrieb "TNO" <tno...@free.fr>: >> >> Hello, >>> >>> Is there anybody who already use tapestry-csrf-protection with >>> Tapestry-Spring-Security ? >>> >>> tapestry-csrf-protection works out of the box with t:form, but >>> Tapestry-Spring-Security works with is a simple html form and uses the >>> Spring HttpServletRequestFilter. >>> >>> I'm using <input t:type="csrf/hidden"/> in the login form but I can't >>> check the token value in the filters... >>> >>> Thanks for any help >>> >>> Cheers, Thomas >>> >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org >>> For additional commands, e-mail: users-h...@tapestry.apache.org >>> >>> >>> > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org > For additional commands, e-mail: users-h...@tapestry.apache.org > >