You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tapestry.apache.org by Kalle Korhonen <ka...@gmail.com> on 2012/01/26 09:42:04 UTC
[ANNOUNCEMENT] Tapestry-security 0.4.1 released!
Tapestry-security, the comprehensive security package for Tapestry
just got a bit more comprehensive with the new 0.4.1 release! 0.4.x is
tested with and meant both for T5.2 and T5.3.
We picked up the brand new Apache Shiro 1.2.0 release of which
development snapshots we've been running against for months now. We
also decided it's time to start eating our own dog food, so we
delegated tapestry-security's exception handling to another module
from http://tynamo.org, tapestry-exceptionpage, in order to
gracefully handle security responses as redirects, ajax or not. Read
more about what tapestry-security can do for you from
http://tynamo.org/tapestry-security+guide. Special thanks to Lenny
Primak for relentlessly bugging us until we just had to get the 0.4.1
out the door :P
Release notes:
Bug
[TYNAMO-102] - Specify id for RequestExceptionHandler advice for
preventing unintentional override
[TYNAMO-103] - @Security, tapestry.secure-enabled,
MetaDataConstants.SECURE_PAGE not honored by Tapestry security
[TYNAMO-105] - Warning is issued in the log file on every startup
Improvement
[TYNAMO-87] - Redirects should honor localization
[TYNAMO-106] - Login screen background file (login-bg.png) is too
large for the web - smaller file attached
[TYNAMO-109] - Allow Unauthorized and Login page to be a single page
[TYNAMO-110] - redirect to login page for pages secured with
@RequiresXXX annotations
[TYNAMO-113] - Test for ajax in the
AccessControlFilter.issueRedirect and issue a client-side "soft"
redirect if so
[TYNAMO-117] - Add symbol for disabling redirect to saved request
[TYNAMO-118] - Store savedrequest into a cookie instead of session
[TYNAMO-119] - In SecurityFilterChainFactoryImpl, use
componentClassResolver to resolve pageclasses to urls
New Feature
[TYNAMO-111] - Add support for SslFilter & PortFilter
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: [tynamo-user] [ANNOUNCEMENT] Tapestry-security 0.4.1 released!
Posted by Lenny Primak <lp...@hope.nyc.ny.us>.
Thank you all! Well done.
On Jan 26, 2012, at 2:42 AM, Kalle Korhonen <ka...@gmail.com> wrote:
> Tapestry-security, the comprehensive security package for Tapestry
> just got a bit more comprehensive with the new 0.4.1 release! 0.4.x is
> tested with and meant both for T5.2 and T5.3.
>
> We picked up the brand new Apache Shiro 1.2.0 release of which
> development snapshots we've been running against for months now. We
> also decided it's time to start eating our own dog food, so we
> delegated tapestry-security's exception handling to another module
> from http://tynamo.org, tapestry-exceptionpage, in order to
> gracefully handle security responses as redirects, ajax or not. Read
> more about what tapestry-security can do for you from
> http://tynamo.org/tapestry-security+guide. Special thanks to Lenny
> Primak for relentlessly bugging us until we just had to get the 0.4.1
> out the door :P
>
> Release notes:
> Bug
>
> [TYNAMO-102] - Specify id for RequestExceptionHandler advice for
> preventing unintentional override
> [TYNAMO-103] - @Security, tapestry.secure-enabled,
> MetaDataConstants.SECURE_PAGE not honored by Tapestry security
> [TYNAMO-105] - Warning is issued in the log file on every startup
>
> Improvement
>
> [TYNAMO-87] - Redirects should honor localization
> [TYNAMO-106] - Login screen background file (login-bg.png) is too
> large for the web - smaller file attached
> [TYNAMO-109] - Allow Unauthorized and Login page to be a single page
> [TYNAMO-110] - redirect to login page for pages secured with
> @RequiresXXX annotations
> [TYNAMO-113] - Test for ajax in the
> AccessControlFilter.issueRedirect and issue a client-side "soft"
> redirect if so
> [TYNAMO-117] - Add symbol for disabling redirect to saved request
> [TYNAMO-118] - Store savedrequest into a cookie instead of session
> [TYNAMO-119] - In SecurityFilterChainFactoryImpl, use
> componentClassResolver to resolve pageclasses to urls
>
> New Feature
>
> [TYNAMO-111] - Add support for SslFilter & PortFilter
>
> ---------------------------------------------------------------------
> To unsubscribe from this list, please visit:
>
> http://xircles.codehaus.org/manage_email
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: [ANNOUNCEMENT] Tapestry-security 0.4.1 released!
Posted by AndrejKr <ak...@gmail.com>.
Hi all
TX a lot, all combined this works perfect.
Hope I can someday return the favor.
b.r.,
Andrej Krušnik
--
View this message in context: http://tapestry.1045711.n5.nabble.com/ANNOUNCEMENT-Tapestry-security-0-4-1-released-tp5432299p5519958.html
Sent from the Tapestry - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: [ANNOUNCEMENT] Tapestry-security 0.4.1 released!
Posted by Lenny Primak <lp...@hope.nyc.ny.us>.
try this:
public static void
contributeSecurityConfiguration(Configuration<SecurityFilterChain>
configuration, SecurityFilterChainFactory factory, WebSecurityManager
securityManager, PageService pageService)
{
...
}
PageService should be automatically injected by tapestry-ioc via constructor injection.
On Feb 27, 2012, at 9:02 AM, AndrejKr wrote:
> Hi,
>
> ok, I can create constructor:
> ArtisolHostFilter(PageService pageService, String... blockedIPs)
> but in AppModule it wants to have just String if i use call like:
>
> public static void
> contributeSecurityConfiguration(Configuration<SecurityFilterChain>
> configuration, SecurityFilterChainFactory factory, WebSecurityManager
> securityManager)
> {
>
>
> configuration.add(factory.createChain("/rest/index/**").add(factory.anon()).build());
>>>>>>>>> configuration.add(factory.createChain("/rest/**").add(new
>>>>>>>>> ArtisolHostFilter("1.1.1.1")).build());
> }
>
> I do not know how to insert PageService here in AppModule... If i would know
> this I thing there would not be any problem.
> Then I could call something like (I think):
>
> public static void
> contributeSecurityConfiguration(Configuration<SecurityFilterChain>
> configuration, SecurityFilterChainFactory factory, WebSecurityManager
> securityManager)
> {
>
>
> configuration.add(factory.createChain("/rest/index/**").add(factory.anon()).build());
> configuration.add(factory.createChain("/rest/**").add(new
> ArtisolHostFilter(PAGE_SERVICE, "1.1.1.1")).build());
> }
>
> or am I missing something?
>
> Thank you alot for helping me, I am new to Tapestry and with this security I
> am realy lost.
>
> Andrej
>
> --
> View this message in context: http://tapestry.1045711.n5.nabble.com/ANNOUNCEMENT-Tapestry-security-0-4-1-released-tp5432299p5519002.html
> Sent from the Tapestry - User mailing list archive at Nabble.com.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: [ANNOUNCEMENT] Tapestry-security 0.4.1 released!
Posted by AndrejKr <ak...@gmail.com>.
Hi,
ok, I can create constructor:
ArtisolHostFilter(PageService pageService, String... blockedIPs)
but in AppModule it wants to have just String if i use call like:
public static void
contributeSecurityConfiguration(Configuration<SecurityFilterChain>
configuration, SecurityFilterChainFactory factory, WebSecurityManager
securityManager)
{
configuration.add(factory.createChain("/rest/index/**").add(factory.anon()).build());
>>>>>>>> configuration.add(factory.createChain("/rest/**").add(new
>>>>>>>> ArtisolHostFilter("1.1.1.1")).build());
}
I do not know how to insert PageService here in AppModule... If i would know
this I thing there would not be any problem.
Then I could call something like (I think):
public static void
contributeSecurityConfiguration(Configuration<SecurityFilterChain>
configuration, SecurityFilterChainFactory factory, WebSecurityManager
securityManager)
{
configuration.add(factory.createChain("/rest/index/**").add(factory.anon()).build());
configuration.add(factory.createChain("/rest/**").add(new
ArtisolHostFilter(PAGE_SERVICE, "1.1.1.1")).build());
}
or am I missing something?
Thank you alot for helping me, I am new to Tapestry and with this security I
am realy lost.
Andrej
--
View this message in context: http://tapestry.1045711.n5.nabble.com/ANNOUNCEMENT-Tapestry-security-0-4-1-released-tp5432299p5519002.html
Sent from the Tapestry - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: [ANNOUNCEMENT] Tapestry-security 0.4.1 released!
Posted by Kalle Korhonen <ka...@gmail.com>.
On Sat, Feb 25, 2012 at 8:25 AM, AndrejKr <ak...@gmail.com> wrote:
> hi, just one more problem. When I extend the
> "org.tynamo.security.shiro.authz.AuthorizationFilter" i need to implement
> your constructor into my class with PageService.class
> public ArtisolHostFilter(PageService pageService)
> {
> super(pageService);
> }
> and i can't create any other.... (i get an error)
Sorry, you lost me there - why can you not create a constructor with
ArtisolHostFilter(PageService pageService, String... blockedIPs) for
example?
Kalle
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: [ANNOUNCEMENT] Tapestry-security 0.4.1 released!
Posted by AndrejKr <ak...@gmail.com>.
hi, just one more problem. When I extend the
"org.tynamo.security.shiro.authz.AuthorizationFilter" i need to implement
your constructor into my class with PageService.class
public ArtisolHostFilter(PageService pageService)
{
super(pageService);
}
and i can't create any other.... (i get an error)
and when i call
configuration.add(factory.createChain("/blockedbyip").add(new
ArtisolHostFilter("192.168.112.2,10.0.0.170"));
the class has no ArtisolHostFilter(String string) constructor wich is not
allowed by extending AuthorizationFilter class.
and how to give him PageService to parameter i also don't know...
I managed to implement my filter by extending SecurityFilterChainFactory and
implement my filter into it..... and this works.... but I would prefer to do
it your way...
best regards,
Andrej
--
View this message in context: http://tapestry.1045711.n5.nabble.com/ANNOUNCEMENT-Tapestry-security-0-4-1-released-tp5432299p5515370.html
Sent from the Tapestry - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: [ANNOUNCEMENT] Tapestry-security 0.4.1 released!
Posted by AndrejKr <ak...@gmail.com>.
Hi Alejandro,
thank you :).
--
View this message in context: http://tapestry.1045711.n5.nabble.com/ANNOUNCEMENT-Tapestry-security-0-4-1-released-tp5432299p5513845.html
Sent from the Tapestry - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: [ANNOUNCEMENT] Tapestry-security 0.4.1 released!
Posted by Alejandro Scandroli <al...@gmail.com>.
Hi AndrejKr
It's easy, you don't need to register the filter anywhere, just use it
in contributeSecurityConfiguration.
for example:
public static void
contributeSecurityConfiguration(Configuration<SecurityFilterChain>
configuration,
SecurityFilterChainFactory factory, WebSecurityManager securityManager) {
configuration.add(factory.createChain("/blockedbyip").add(new
ArtisolHostFilter("192.168.112.2,10.0.0.170"));
}
BTW, you need to extend from our own
org.tynamo.security.shiro.authz.AuthorizationFilter
Cheers.
Alejandro.
On Tue, Feb 21, 2012 at 17:00, AndrejKr <ak...@gmail.com> wrote:
> hi,
> i am new to Tapestry-Security and to this forum so am sorry if this is not
> in the correct thread.
> in version 0.3.1 I could do the thing described few lines down (securing to
> specific IP).
> I was wondering how to do this in AppModule.java in version 0.4.1 if
> shiro.ini and com.xxxx.util.xxxxHostFilter.class would be like this:
>
> shiro.ini:
> [main]
> ip = com.xxxx.util.xxxxHostFilter
> ip.authorizedIps = 127.0.0.1, 192.168.1.12
>
> [users]
>
> [roles]
>
> [urls]
> /rest/index/** = anon
> /rest/** = ip
>
>
> the com.xxxx.util.xxxxHostFilter.cass:
> ...
> import org.apache.shiro.web.filter.authz.AuthorizationFilter;
>
> public class ArtisolHostFilter extends AuthorizationFilter {
>
> private Set<String> authorizedIps = new HashSet<String>();
>
> public void setAuthorizedIps(String ips) {
> for (String ip : ips.split(",")) {
> authorizedIps.add(ip.trim());
> }
> }
>
> @Override
> protected boolean isAccessAllowed(ServletRequest request,
> ServletResponse response, Object mappedValue) throws Exception {
> String remoteAddr = request.getRemoteAddr();
> return authorizedIps.contains(remoteAddr);
> }
> }
>
> --
> View this message in context: http://tapestry.1045711.n5.nabble.com/ANNOUNCEMENT-Tapestry-security-0-4-1-released-tp5432299p5502612.html
> Sent from the Tapestry - User mailing list archive at Nabble.com.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: [ANNOUNCEMENT] Tapestry-security 0.4.1 released!
Posted by AndrejKr <ak...@gmail.com>.
hi,
i am new to Tapestry-Security and to this forum so am sorry if this is not
in the correct thread.
in version 0.3.1 I could do the thing described few lines down (securing to
specific IP).
I was wondering how to do this in AppModule.java in version 0.4.1 if
shiro.ini and com.xxxx.util.xxxxHostFilter.class would be like this:
shiro.ini:
[main]
ip = com.xxxx.util.xxxxHostFilter
ip.authorizedIps = 127.0.0.1, 192.168.1.12
[users]
[roles]
[urls]
/rest/index/** = anon
/rest/** = ip
the com.xxxx.util.xxxxHostFilter.cass:
...
import org.apache.shiro.web.filter.authz.AuthorizationFilter;
public class ArtisolHostFilter extends AuthorizationFilter {
private Set<String> authorizedIps = new HashSet<String>();
public void setAuthorizedIps(String ips) {
for (String ip : ips.split(",")) {
authorizedIps.add(ip.trim());
}
}
@Override
protected boolean isAccessAllowed(ServletRequest request,
ServletResponse response, Object mappedValue) throws Exception {
String remoteAddr = request.getRemoteAddr();
return authorizedIps.contains(remoteAddr);
}
}
--
View this message in context: http://tapestry.1045711.n5.nabble.com/ANNOUNCEMENT-Tapestry-security-0-4-1-released-tp5432299p5502612.html
Sent from the Tapestry - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org