You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@turbine.apache.org by Jürgen Hoffmann <jh...@byteaction.de> on 2002/08/23 09:22:56 UTC
Pull Tools
Hi all,
I was wondering if it is possible to limit the usage of pulltools to
templates as well.
For example I hav a Pull Tool that should only be available in "secure"
Templates (User has to be logged in).
Reason for this question. Say you have a dev company that has developed
the app and now the app is moved to the server from which another HTML
Design Company is doing the template design. Now say you have one moron
that puts the template into an "unsecure" directory. Where a surfer does
not have to be logged in. Since Pulltools most often produce handy
functions and most often allow acces to the om, this information would
be available to the Designer Moron who is using it without knowing the
template lies in an unsecure environment.
I want the pulltool to check whether a user isAuthorized to use the
PullTool but to pass the RunData to the Pull Tool each Time I use it
seems to be kind of an overkill to me. Is there a global configuration
that I have overseen?
Kind regards
Jürgen Hoffmann
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: Pull Tools
Posted by Jeff Linwood <je...@greenninja.com>.
Hi,
Do you have a SecureScreen screen class that you use? You could put the
tool object into the context there.
Hopefully this should keep your application safe from "morons" :)
Jeff
----- Original Message -----
From: "Jürgen Hoffmann" <jh...@byteaction.de>
To: <tu...@jakarta.apache.org>
Sent: Friday, August 23, 2002 2:22 AM
Subject: Pull Tools
Hi all,
I was wondering if it is possible to limit the usage of pulltools to
templates as well.
For example I hav a Pull Tool that should only be available in "secure"
Templates (User has to be logged in).
Reason for this question. Say you have a dev company that has developed
the app and now the app is moved to the server from which another HTML
Design Company is doing the template design. Now say you have one moron
that puts the template into an "unsecure" directory. Where a surfer does
not have to be logged in. Since Pulltools most often produce handy
functions and most often allow acces to the om, this information would
be available to the Designer Moron who is using it without knowing the
template lies in an unsecure environment.
I want the pulltool to check whether a user isAuthorized to use the
PullTool but to pass the RunData to the Pull Tool each Time I use it
seems to be kind of an overkill to me. Is there a global configuration
that I have overseen?
Kind regards
Jürgen Hoffmann
--
To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
For additional commands, e-mail:
<ma...@jakarta.apache.org>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: Pull Tools
Posted by Scott Eade <se...@backstagetech.com.au>.
> From: Jürgen Hoffmann <jh...@byteaction.de>
>
> I want the pulltool to check whether a user isAuthorized to use the
> PullTool but to pass the RunData to the Pull Tool each Time I use it
> seems to be kind of an overkill to me. Is there a global configuration
> that I have overseen?
If your pull tool is request scope then you will have access to RunData
anyway. The other big advantage of a request scope pull tool is that it
need not be threadsafe.
HTH,
Scott
--
Scott Eade
Backstage Technologies Pty. Ltd.
http://www.backstagetech.com.au
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>