You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tapestry.apache.org by Dapeng <da...@spiralcomms.com> on 2008/01/07 06:21:14 UTC
T5 How to bypass TapestryFilter?
Hi guys
I have a protected folder /private under the root
but inside the folder i am only going to serve static contents like
images and pdf
but when i try to access the resource
/myApp/private/images/1.jpg
i got an exception saying there is no such page
Unable to resolve 'private/images/1' to a known page name.
how to bypass the TapestryFilter?
juz let the tomcat handle the request as per normal ???
thx
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: T5 How to bypass TapestryFilter?
Posted by Dapeng <da...@spiralcomms.com>.
yet ... want to implement some access control
say only valid login user should be able to view the images, pdfs
non-login user should be redirected to loginpage
Here is my current solution
i registered a new Filter and checks the Session of the request,
i am storing User as an ASO once login
so i check against the URL (begins with "/private") and the Session for
the ASO key (figure out it is something like aso:my.package.User)
if the key is not found then i redirect the response to my login page
sample codes
////////////////////////
// PrivateResourceFilter.java
///////////////////////
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain)
throws IOException, ServletException {
HttpServletRequest httprequest = (HttpServletRequest) request;
if (httprequest.getServletPath().startsWith("/private")) {
HttpSession session = httprequest.getSession(false);
if(session == null ||
session.getAttribute("aso:"+User.class.getName())== null){
HttpServletResponse httpresponse =
(HttpServletResponse)response;
httpresponse.sendRedirect(httprequest.getContextPath()+"/login");
return;
}
}
chain.doFilter(request, response);
}
/////////////////////////////
// web.xml
////////////////////////////
<filter>
<filter-name>app</filter-name>
<filter-class>org.apache.tapestry.TapestryFilter</filter-class>
</filter>
<filter>
<filter-name>PrivateResourceFilter</filter-name>
<filter-class>com.mine.train.webfilters.PrivateResourceFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>PrivateResourceFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>app</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
it works but ... any better solutions ???
Dapeng wrote:
> Ye ... have to say my mistake ... i juz took the design mockup from my
> designer and FIND-AND-REPLACE the dummy links
>
> turns out there is a typo in the links ...
>
> :<
>
>
>
> Sorry
>
>
>
> Fernando Padilla wrote:
>> That is really weird because the TapestryFilter is supposed to check to
>> see if there is a resource in the file system that matches the url
>> first, before trying to interpret it. If that functionality is really
>> truly broken, then a bug should be filed, and tapestry fixed.
>>
>> So the first question, are the url correct and pointing to the real
>> files in the filesystem?
>>
>>
>> Davor Hrg wrote:
>>
>>> there are few ways..
>>> one is to extend tapestryFilter and use that version in web.xml
>>>
>>> Davor Hrg
>>>
>>> On Jan 7, 2008 6:21 AM, Dapeng <da...@spiralcomms.com> wrote:
>>>
>>>> Hi guys
>>>>
>>>> I have a protected folder /private under the root
>>>>
>>>> but inside the folder i am only going to serve static contents like
>>>> images and pdf
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> but when i try to access the resource
>>>>
>>>>
>>>>
>>>> /myApp/private/images/1.jpg
>>>>
>>>>
>>>> i got an exception saying there is no such page
>>>>
>>>>
>>>> Unable to resolve 'private/images/1' to a known page name.
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> how to bypass the TapestryFilter?
>>>>
>>>>
>>>> juz let the tomcat handle the request as per normal ???
>>>>
>>>>
>>>> thx
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>>>> For additional commands, e-mail: users-help@tapestry.apache.org
>>>>
>>>>
>>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>>> For additional commands, e-mail: users-help@tapestry.apache.org
>>>
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>> For additional commands, e-mail: users-help@tapestry.apache.org
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: T5 How to bypass TapestryFilter?
Posted by Dapeng <da...@spiralcomms.com>.
Ye ... have to say my mistake ... i juz took the design mockup from my
designer and FIND-AND-REPLACE the dummy links
turns out there is a typo in the links ...
:<
Sorry
Fernando Padilla wrote:
> That is really weird because the TapestryFilter is supposed to check to
> see if there is a resource in the file system that matches the url
> first, before trying to interpret it. If that functionality is really
> truly broken, then a bug should be filed, and tapestry fixed.
>
> So the first question, are the url correct and pointing to the real
> files in the filesystem?
>
>
> Davor Hrg wrote:
>
>> there are few ways..
>> one is to extend tapestryFilter and use that version in web.xml
>>
>> Davor Hrg
>>
>> On Jan 7, 2008 6:21 AM, Dapeng <da...@spiralcomms.com> wrote:
>>
>>> Hi guys
>>>
>>> I have a protected folder /private under the root
>>>
>>> but inside the folder i am only going to serve static contents like
>>> images and pdf
>>>
>>>
>>>
>>>
>>>
>>> but when i try to access the resource
>>>
>>>
>>>
>>> /myApp/private/images/1.jpg
>>>
>>>
>>> i got an exception saying there is no such page
>>>
>>>
>>> Unable to resolve 'private/images/1' to a known page name.
>>>
>>>
>>>
>>>
>>>
>>> how to bypass the TapestryFilter?
>>>
>>>
>>> juz let the tomcat handle the request as per normal ???
>>>
>>>
>>> thx
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>>> For additional commands, e-mail: users-help@tapestry.apache.org
>>>
>>>
>>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>> For additional commands, e-mail: users-help@tapestry.apache.org
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: T5 How to bypass TapestryFilter?
Posted by Fernando Padilla <fe...@alum.mit.edu>.
That is really weird because the TapestryFilter is supposed to check to
see if there is a resource in the file system that matches the url
first, before trying to interpret it. If that functionality is really
truly broken, then a bug should be filed, and tapestry fixed.
So the first question, are the url correct and pointing to the real
files in the filesystem?
Davor Hrg wrote:
> there are few ways..
> one is to extend tapestryFilter and use that version in web.xml
>
> Davor Hrg
>
> On Jan 7, 2008 6:21 AM, Dapeng <da...@spiralcomms.com> wrote:
>> Hi guys
>>
>> I have a protected folder /private under the root
>>
>> but inside the folder i am only going to serve static contents like
>> images and pdf
>>
>>
>>
>>
>>
>> but when i try to access the resource
>>
>>
>>
>> /myApp/private/images/1.jpg
>>
>>
>> i got an exception saying there is no such page
>>
>>
>> Unable to resolve 'private/images/1' to a known page name.
>>
>>
>>
>>
>>
>> how to bypass the TapestryFilter?
>>
>>
>> juz let the tomcat handle the request as per normal ???
>>
>>
>> thx
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>> For additional commands, e-mail: users-help@tapestry.apache.org
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: T5 How to bypass TapestryFilter?
Posted by Davor Hrg <hr...@gmail.com>.
there are few ways..
one is to extend tapestryFilter and use that version in web.xml
Davor Hrg
On Jan 7, 2008 6:21 AM, Dapeng <da...@spiralcomms.com> wrote:
> Hi guys
>
> I have a protected folder /private under the root
>
> but inside the folder i am only going to serve static contents like
> images and pdf
>
>
>
>
>
> but when i try to access the resource
>
>
>
> /myApp/private/images/1.jpg
>
>
> i got an exception saying there is no such page
>
>
> Unable to resolve 'private/images/1' to a known page name.
>
>
>
>
>
> how to bypass the TapestryFilter?
>
>
> juz let the tomcat handle the request as per normal ???
>
>
> thx
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org