You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tapestry.apache.org by "Ing. Stefano Girotti" <ic...@hotpop.com> on 2006/05/19 15:06:58 UTC

Re: Best pratice - CRUD Security - Tapestry 4.0 With EJB3 persistence


"James Carman" <ja...@carmanconsulting.com> ha scritto nel messaggio 
news:<00...@CARMANI9300>...
>You could put an interceptor on your services if you wish.


Is it possible to put an interceptor on every service by default?
where i can find an example of security interceptor?

i'm ALSO looking for a Searchable Security:
for example:
for the current user i have to find what special offers can buy....
and again.... the classic Access Control List have read - write - delete
or
admin properties....  i'd like to extend it... for example a special offer
is avaible from date to date... or by special code...

Finally if a user can't access to some page or some function i'd like 
to hide the corresponding link...
i thougth that i can do a "border" component to encapsulate this kind 
of security

in this case i have to import in all my pages this component....

it's possible to do the same as jsp: (taken from tomcat 5.5 examples)


JSP 2.0 Examples - JSP Configuration


----------
Using a <jsp-property-group> element in the web.xml deployment 
descriptor, this JSP page has been configured in the following ways:
    * Uses <include-prelude> to include the top banner.
    * Uses <include-coda> to include the bottom banner.
    * Uses <scripting-invalid> true to disable <% scripting %> elements
    * Uses <el-ignored> true to disable ${EL} elements
    * Uses <page-encoding> ISO-8859-1 to set the page encoding 
(though this is the default anyway)
There are various other configuration options that can be used.


I'm going to use all of this in a project surely based on EJB3 on 
JBoss 4.. .i hope to use both tapestry & hivemind....



Signature Light              \\  ~ ~  //
                               (  O o  )
____________________________oOOo_(_)_oOOo_________________________

Main e-mail: icecuber@bigfoot.com
IRC Nick: IceCubeR
ICQ UIN: 48898319
MSN : icecuberh@hotmail.com

Visit My Home Page:
http://www.geocities.com/SiliconValley/Way/5515
__________________________________________________________________



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org

RE: Best pratice - CRUD Security - Tapestry 4.0 With EJB3 persistence

Posted by James Carman <ja...@carmanconsulting.com>.
No, that's not currently possible.  You cannot have an interceptor injected
by default into every service point.

-----Original Message-----
From: Ing. Stefano Girotti [mailto:icecuber@hotpop.com] 
Sent: Friday, May 19, 2006 9:07 AM
To: users@tapestry.apache.org
Subject: Re: Best pratice - CRUD Security - Tapestry 4.0 With EJB3
persistence



"James Carman" <ja...@carmanconsulting.com> ha scritto nel messaggio 
news:<00...@CARMANI9300>...
>You could put an interceptor on your services if you wish.


Is it possible to put an interceptor on every service by default?
where i can find an example of security interceptor?

i'm ALSO looking for a Searchable Security:
for example:
for the current user i have to find what special offers can buy....
and again.... the classic Access Control List have read - write - delete
or
admin properties....  i'd like to extend it... for example a special offer
is avaible from date to date... or by special code...

Finally if a user can't access to some page or some function i'd like 
to hide the corresponding link...
i thougth that i can do a "border" component to encapsulate this kind 
of security

in this case i have to import in all my pages this component....

it's possible to do the same as jsp: (taken from tomcat 5.5 examples)


JSP 2.0 Examples - JSP Configuration


----------
Using a <jsp-property-group> element in the web.xml deployment 
descriptor, this JSP page has been configured in the following ways:
    * Uses <include-prelude> to include the top banner.
    * Uses <include-coda> to include the bottom banner.
    * Uses <DEFANGED_scripting-invalid> true to disable <% scripting %>
elements
    * Uses <el-ignored> true to disable ${EL} elements
    * Uses <page-encoding> ISO-8859-1 to set the page encoding 
(though this is the default anyway)
There are various other configuration options that can be used.


I'm going to use all of this in a project surely based on EJB3 on 
JBoss 4.. .i hope to use both tapestry & hivemind....



Signature Light              \\  ~ ~  //
                               (  O o  )
____________________________oOOo_(_)_oOOo_________________________

Main e-mail: icecuber@bigfoot.com
IRC Nick: IceCubeR
ICQ UIN: 48898319
MSN : icecuberh@hotmail.com

Visit My Home Page:
http://www.geocities.com/SiliconValley/Way/5515
__________________________________________________________________



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org