Yes, this is the "normal" way, another way is to make a tapestry form, f.e.:
<t:form>
<t:textfield value="username" />
<t:passwordfield value="password" />
<t:submit />
</t:form>
and in OnSuccess event something like:
@inject
AuthenticationManager authenticationManager;
void onSuccess() {
Authentication authentication = new
UsernamePasswordAuthenticationToken(username, password);
Authentication authResult =
authenticationManager.authenticate(authentication);
SecurityContextHolder.getContext().setAuthentication(authResult);
}
this code throws an AuthenticationException if authentication fails.
Eugen
2014-07-15 19:09 GMT+02:00 TNO <tno...@free.fr>:
> Thanks, but
>
> This is a form with an action value
>
> <form id="formLogin" action="/j_spring_security_check" method="POST"
> class="line">
>
> This is not a tapestry form (t:form), I don't think I can use the onSuccess
>
> Thomas
>
> Le 15/07/2014 18:49, Eugen a écrit :
>
> Hi,
>> You can login programatically in onSucces function of a tapestry form.
>> Best regards
>> Eugen
>> Am 15.07.2014 16:16 schrieb "TNO" <tno...@free.fr>:
>>
>> Hello,
>>>
>>> Is there anybody who already use tapestry-csrf-protection with
>>> Tapestry-Spring-Security ?
>>>
>>> tapestry-csrf-protection works out of the box with t:form, but
>>> Tapestry-Spring-Security works with is a simple html form and uses the
>>> Spring HttpServletRequestFilter.
>>>
>>> I'm using <input t:type="csrf/hidden"/> in the login form but I can't
>>> check the token value in the filters...
>>>
>>> Thanks for any help
>>>
>>> Cheers, Thomas
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
>>> For additional commands, e-mail: users-h...@tapestry.apache.org
>>>
>>>
>>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
> For additional commands, e-mail: users-h...@tapestry.apache.org
>
>
