You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tapestry.apache.org by Paul Stanton <pa...@mapshed.com.au> on 2012/03/19 02:20:29 UTC
simple user authentication
Hi group,
Is it recommended to use a security module such as tynamo's
tapestry-security when all you require is username/password
authentication to a couple of pages?
Is there a simpler add-on module?
Is 'roll-your-own' a generally accepted practice for a simple
implementation?
Discuss....
thanks, Paul.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: simple user authentication
Posted by Bob Harner <bo...@gmail.com>.
My advice... "Roll-your-own" can be okay for simple cases, but
home-grown security implementations, even for such "simple" cases, can
have subtle security vulnerabilities that a well-tested library like
Tapestry-security probably won't. And many "simple" cases evolve into
complex ones over time, so spending a few hours putting in a solid
security implementation (such as Tapestry-security with Shiro) that
can grow with your application usually makes sense.
On Sun, Mar 18, 2012 at 9:30 PM, Taha Hafeez Siddiqi
<ta...@gmail.com> wrote:
> Hi
>
> On Mar 19, 2012, at 6:50 AM, Paul Stanton wrote:
>
>> Hi group,
>>
>> Is it recommended to use a security module such as tynamo's tapestry-security when all you require is username/password authentication to a couple of pages?
>>
>
> If the project is going to stay at "a couple of pages of authentication", you can always role your own. http://tapestryjava.blogspot.in/2009/12/securing-tapestry-pages-with.html.
>
>> Is there a simpler add-on module?
>>
>
> You have to add dependencies, write a Realm and define the rules. Not more than 10-15 lines. What can be simpler :)
>
>> Is 'roll-your-own' a generally accepted practice for a simple implementation?
>>
>
> I did that in a couple of projects but then went back to tapestry-security. :).
>
>> Discuss....
>>
>> thanks, Paul.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>> For additional commands, e-mail: users-help@tapestry.apache.org
>>
>
> regards
> Taha
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: simple user authentication
Posted by Taha Hafeez Siddiqi <ta...@gmail.com>.
Hi
On Mar 19, 2012, at 6:50 AM, Paul Stanton wrote:
> Hi group,
>
> Is it recommended to use a security module such as tynamo's tapestry-security when all you require is username/password authentication to a couple of pages?
>
If the project is going to stay at "a couple of pages of authentication", you can always role your own. http://tapestryjava.blogspot.in/2009/12/securing-tapestry-pages-with.html.
> Is there a simpler add-on module?
>
You have to add dependencies, write a Realm and define the rules. Not more than 10-15 lines. What can be simpler :)
> Is 'roll-your-own' a generally accepted practice for a simple implementation?
>
I did that in a couple of projects but then went back to tapestry-security. :).
> Discuss....
>
> thanks, Paul.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
regards
Taha