You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tapestry.apache.org by Weisu <we...@gmail.com> on 2008/08/01 06:32:52 UTC

Re: Access control with dispatchers and annotations - problem

Hi, I think I have found your problem. I tried to implemented your code and
found this line caused the problem. After I commented out this line
everything works.
		/* Is the requested page private ? */
		Component page = componentSource.getPage(pageName);

		System.out.println("PAGE CLASS = "+page.getClass());
		System.out.println("PAGE ANNO =  
"+page.getClass().getAnnotation(Private.class));
//		System.out.println("PAGE ANNOS = "+page.getClass().getAnnotations()[0]);

		boolean privatePage = page.getClass().getAnnotation(Private.class) !=
null;


Weisu


photos-4 wrote:
> 
> I too have been trying to implement what is on the wiki.
> 
> This is really doing my head in (not helped by the fact the wiki  
> solution http://wiki.apache.org/tapestry/Tapestry5HowToControlAccess  
> does not have all the "bits" of code necessary for a newbie like  
> myself to get it working. For instance, it's missing the package  
> imports and is also missing a necessary try-catch block at the end of  
> checkAccess()).
> 
> I've had no success after a day or more working on it - even with the  
> updated code recently provided. It just does not work and seems either  
> to be a mistake on my part in how Annotations work (they are new to  
> me, I admit, having not used them before), or a serious problem with  
> the way the code works (the ClassLoaders? It seems the standard  
> classloader is loading Private while the tapestry pages are via its  
> own classloader - I don't know how getAnnotation() works, so I'm  
> wildly guessing and probably wrong)
> 
> Below is the code I have. I'd appreciate a pointer on what I've done
> wrong.
> 
> The output is as follows:
> 
> [DEBUG] AppModule.TimingFilter Invoking method  
> uk.bl.dlportal.services.AppModule.buildTimingFilter(Logger) (at  
> AppModule.java:97).
> 1
> PAGE CLASS = class uk.bl.dlportal.pages.Administration
> PAGE ANNO = null
> PAGE ANNOS = @uk.bl.dlportal.pages.util.Private()
> [INFO] AppModule.TimingFilter Request time: 4784 ms
> [INFO] AppModule.TimingFilter Request time: 0 ms
> 
> 
> ----------------- AccessController.java --
> 
> package uk.bl.dlportal.pages.util;
> 
> import java.io.IOException;
> 
> import org.apache.tapestry5.runtime.Component;
> import org.apache.tapestry5.services.ApplicationStateManager;
> import org.apache.tapestry5.services.ComponentClassResolver;
> import org.apache.tapestry5.services.ComponentSource;
> import org.apache.tapestry5.services.Dispatcher;
> import org.apache.tapestry5.services.Request;
> import org.apache.tapestry5.services.Response;
> 
> import uk.bl.dlportal.entities.User;
> 
> public class AccessController implements Dispatcher
> {
> 	private final static String LOGIN_PAGE = "/index";
> 
> 	private ApplicationStateManager asm;
> 	private final ComponentClassResolver resolver;
> 	private final ComponentSource componentSource;
> 
> 
> 	/**
> 	 * Receive all the services needed as constructor arguments. When we bind
> 	 * this service, T5 IoC will provide all the services !
> 	 */
> 	public AccessController(ApplicationStateManager asm,
> 			ComponentClassResolver resolver, ComponentSource componentSource)
> 	{
> 		this.asm = asm;
> 		this.resolver = resolver;
> 		this.componentSource = componentSource;
> 	}
> 
> 
> 	public boolean dispatch(Request request, Response response)
> 			throws IOException
> 	{
> 		System.out.println("1");
> 		/*
> 		 * We need to get the Tapestry page requested by the user. So we parse
> 		 * the path extracted from the request
> 		 */
> 		String path = request.getPath();
> 		if (path.equals(""))
> 			return false;
> 
> 		int nextslashx = path.length();
> 		String pageName;
> 
> 		while (true)
> 		{
> 			pageName = path.substring(1, nextslashx);
> 			if (!pageName.endsWith("/") && resolver.isPageName(pageName))
> 				break;
> 			nextslashx = path.lastIndexOf('/', nextslashx - 1);
> 			if (nextslashx <= 1)
> 				return false;
> 		}
> 		return checkAccess(pageName, request, response);
> 	}
> 
> 
> 	/**
> 	 * Check the rights of the user for the page requested
> 	 */
> 	public boolean checkAccess(String pageName, Request request,
> 			Response response)
> 	{
> 
> 		boolean canAccess = true;
> 
> 		/* Is the requested page private ? */
> 		Component page = componentSource.getPage(pageName);
> 
> 		System.out.println("PAGE CLASS = "+page.getClass());
> 		System.out.println("PAGE ANNO =  
> "+page.getClass().getAnnotation(Private.class));
> 		System.out.println("PAGE ANNOS = "+page.getClass().getAnnotations()[0]);
> 
> 		boolean privatePage = page.getClass().getAnnotation(Private.class) !=
> null;
> 
> 		if (privatePage)
> 		{
> 			canAccess = false;
> 			/* Is the user already authenticated ? */
> 			if (asm.exists(User.class))
> 			{
> 				User userSession = asm.get(User.class);
> 				canAccess = userSession != null;
> 			}
> 
> 			/*
> 			if (asm.exists(UserSessionImpl.class))
> 			{
> 				UserSessionImpl userSession = asm.get(UserSessionImpl.class);
> 				canAccess = userSession.isUserLoggedIn();
> 			}
> 			*/
> 		}
> 
> 
> 		if (!canAccess)
> 		{
> 			try
> 			{
> 				response.sendRedirect(request.getContextPath() + LOGIN_PAGE);
> 			} catch (IOException e)
> 			{
> 				// TODO Auto-generated catch block
> 				e.printStackTrace();
> 			}
> 			return true; // Make sure to leave the chain
> 		}
> 		return false;
> 	}
> 
> }
> 
> 
> -------------------- AppModule.java --
> 
> ...
> 	public static void bind(ServiceBinder binder)
> 	{
> 		// binder.bind(MyServiceInterface.class, MyServiceImpl.class);
> 
> 		// Make bind() calls on the binder object to define most IoC services.
> 		// Use service builder methods (example below) when the implementation
> 		// is provided inline, or requires more initialization than simply
> 		// invoking the constructor.
> 
> 		binder.bind(AccessController.class).withId("AccessController");
> 
> 	}
> 
> 
> 	public void contributeMasterDispatcher(
> 			OrderedConfiguration<Dispatcher> configuration,
> 			@InjectService("AccessController") Dispatcher accessController)
> 	{
> 		configuration.add("AccessController", accessController,
> 				"before:PageRender");
> 	}
> ...
> 
> 
> ---------------- Private.java --
> 
> package uk.bl.dlportal.pages.util;
> 
> import java.lang.annotation.Documented;
> import java.lang.annotation.ElementType;
> import java.lang.annotation.Retention;
> import java.lang.annotation.RetentionPolicy;
> import java.lang.annotation.Target;
> 
> @Target(ElementType.TYPE)
> @Retention(RetentionPolicy.RUNTIME)
> @Documented
> public @interface Private
> {
> }
> 
> 
> ------------------ Administration.java -- (the page I'm testing this on)
> 
> package uk.bl.dlportal.pages;
> 
> import org.apache.tapestry5.annotations.ApplicationState;
> 
> import uk.bl.dlportal.entities.User;
> import uk.bl.dlportal.pages.util.Private;
> 
> /**
>   * Admin page of application dlportal.
>   */
> @Private
> public class Administration
> {
> ....
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
> 
> 
> 

-- 
View this message in context: http://www.nabble.com/Access-control-with-dispatchers-and-annotations-tp18710376p18768093.html
Sent from the Tapestry - User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org