You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tapestry.apache.org by sandeepraj singh <sa...@atosorigin.com> on 2009/11/26 10:03:32 UTC
Login Filter,
Hi,
I have the following requirement for my application
Develop a Tapestry login check Filter which
(a) Avoids direct hit to any page in my application without logging in, if
anyone does that, he should be redirected to the login page.
(b) After session expiry if we do any action, It should be redirected to the
login page.
Could you suggest a good strategy. Can we make such checks in myFilter which
extends Tapestry5 filter?
Thanks
sandeep
--
View this message in context: http://old.nabble.com/Login-Filter%2C-tp26525297p26525297.html
Sent from the Tapestry - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Login Filter,
Posted by "Thiago H. de Paula Figueiredo" <th...@gmail.com>.
Em Thu, 26 Nov 2009 15:15:13 -0200, Alfonso Quiroga
<al...@gmail.com> escreveu:
> Thiago: [...]your dispatcher must be added before the RootPath[...]
> Is that neccesary? RootPath I think is when you go to "/", this is
> Index page, and we suppose Index doesn't need security. So I use my
> security dispatcher AFTER RootPath. Thanks
Tapestry Security is a package, so it cannot assume that all applications
have their root path accessible for anyone.
--
Thiago H. de Paula Figueiredo
Independent Java, Apache Tapestry 5 and Hibernate consultant, developer,
and instructor
Owner, software architect and developer, Ars Machina Tecnologia da
Informação Ltda.
http://www.arsmachina.com.br
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Login Filter,
Posted by Alfonso Quiroga <al...@gmail.com>.
Thiago: [...]your dispatcher must be added before the RootPath[...]
Is that neccesary? RootPath I think is when you go to "/", this is
Index page, and we suppose Index doesn't need security. So I use my
security dispatcher AFTER RootPath. Thanks
On Thu, Nov 26, 2009 at 8:41 AM, Thiago H. de Paula Figueiredo
<th...@gmail.com> wrote:
> Em Thu, 26 Nov 2009 07:18:53 -0200, Ulrich Stärk <ul...@spielviel.de>
> escreveu:
>
>> Use a ComponentRequestFilter. That way you can handle component events and
>> page render requests inside the same filter.
>
> It could be a Dispatcher too. The wiki has a nice explanation:
> http://wiki.apache.org/tapestry/Tapestry5HowToCreateADispatcher. Just a
> small correction: your dispatcher must be added before the RootPath,
> ComponentEvent and PageRender dispatchers:
>
> configuration.add("YourDispatcher", yourDispatcher, "before:RootPath,
> before:ComponentEvent, before:PageRender, after:Asset, after:VirtualAsset");
>
> --
> Thiago H. de Paula Figueiredo
> Independent Java, Apache Tapestry 5 and Hibernate consultant, developer, and
> instructor
> Owner, software architect and developer, Ars Machina Tecnologia da
> Informação Ltda.
> http://www.arsmachina.com.br
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Login Filter,
Posted by "Thiago H. de Paula Figueiredo" <th...@gmail.com>.
Em Thu, 26 Nov 2009 07:18:53 -0200, Ulrich Stärk <ul...@spielviel.de>
escreveu:
> Use a ComponentRequestFilter. That way you can handle component events
> and page render requests inside the same filter.
It could be a Dispatcher too. The wiki has a nice explanation:
http://wiki.apache.org/tapestry/Tapestry5HowToCreateADispatcher. Just a
small correction: your dispatcher must be added before the RootPath,
ComponentEvent and PageRender dispatchers:
configuration.add("YourDispatcher", yourDispatcher, "before:RootPath,
before:ComponentEvent, before:PageRender, after:Asset,
after:VirtualAsset");
--
Thiago H. de Paula Figueiredo
Independent Java, Apache Tapestry 5 and Hibernate consultant, developer,
and instructor
Owner, software architect and developer, Ars Machina Tecnologia da
Informação Ltda.
http://www.arsmachina.com.br
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Login Filter,
Posted by Ulrich Stärk <ul...@spielviel.de>.
Use a ComponentRequestFilter. That way you can handle component events and page render requests
inside the same filter.
HTH,
Uli
Am 26.11.2009 10:03 schrieb sandeepraj singh:
> Hi,
> I have the following requirement for my application
>
> Develop a Tapestry login check Filter which
>
> (a) Avoids direct hit to any page in my application without logging in, if
> anyone does that, he should be redirected to the login page.
>
> (b) After session expiry if we do any action, It should be redirected to the
> login page.
>
> Could you suggest a good strategy. Can we make such checks in myFilter which
> extends Tapestry5 filter?
>
> Thanks
> sandeep
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Login Filter,
Posted by sandeepraj singh <sa...@atosorigin.com>.
Successfully created a filter inorder to avoid css problem,
public void contributePageRenderRequestHandler(
OrderedConfiguration<PageRenderRequestFilter> configuration,
final ApplicationStateManager sessionManager,
final RequestGlobals requestGlobals, final LinkSource
linkSource)
{
PageRenderRequestFilter loginFilter = new PageRenderRequestFilter()
{
public void handle(PageRenderRequestParameters parameters,
PageRenderRequestHandler handler) throws IOException
{
LoginData loginData = null;
if
(!parameters.getLogicalPageName().equalsIgnoreCase("LoginPage"))
{
loginData =
sessionManager.getIfExists(LoginData.class);
if (loginData == null ||
!"testUser".equalsIgnoreCase(loginData.getUserName()))
{
requestGlobals.getHTTPServletResponse().sendRedirect(
linkSource.createPageRenderLink("LoginPage", false).toRedirectURI());
}
}
handler.handle(parameters);
}
};
configuration.add("LoginFilter", loginFilter);
}
sandeepraj singh wrote:
>
> Hi Thiago,
>
> I created my own AccessController dispatcher but i have entered into
> another problem
>
> One first access to any page, redirection to Login page happens but it is
> without any stylesheet.
>
> My order of configuration is
> configuration.add(
> "AccessController", accessController,
> "before:RootPath,before:ComponentEvent, before:PageRender,
> after:Asset,after:VirtualAsset");
>
>
> While accessing the Login page directly via url in the browser, there is
> no problem of stylesheet
>
> Any pointers?
>
> Thanks
> sandeep
>
>
>
> Thiago H. de Paula Figueiredo wrote:
>>
>> Em Thu, 26 Nov 2009 07:27:16 -0200, Juan E. Maya <ma...@gmail.com>
>> escreveu:
>>
>>> or Tapestry-Spring-Security Integration
>>
>> I don't recommend it because the checks are made in the setup render
>> event, *after* the activate (onActivate()) one. It does not cover action
>> requests, so I created my own one, Tapestry Security, not released yet.
>>
>> --
>> Thiago H. de Paula Figueiredo
>> Independent Java, Apache Tapestry 5 and Hibernate consultant, developer,
>> and instructor
>> Owner, software architect and developer, Ars Machina Tecnologia da
>> Informação Ltda.
>> http://www.arsmachina.com.br
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>> For additional commands, e-mail: users-help@tapestry.apache.org
>>
>>
>>
>
>
--
View this message in context: http://old.nabble.com/Login-Filter%2C-tp26525297p26742769.html
Sent from the Tapestry - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Login Filter,
Posted by sandeepraj singh <sa...@atosorigin.com>.
Hi Thiago,
I created my own AccessController dispatcher but i have entered into another
problem
One first access to any page, redirection to Login page happens but it is
without any stylesheet.
My order of configuration is
configuration.add(
"AccessController", accessController,
"before:RootPath,before:ComponentEvent, before:PageRender,
after:Asset,after:VirtualAsset");
While accessing the Login page directly via url in the browser, there is no
problem of stylesheet
Any pointers?
Thanks
sandeep
Thiago H. de Paula Figueiredo wrote:
>
> Em Thu, 26 Nov 2009 07:27:16 -0200, Juan E. Maya <ma...@gmail.com>
> escreveu:
>
>> or Tapestry-Spring-Security Integration
>
> I don't recommend it because the checks are made in the setup render
> event, *after* the activate (onActivate()) one. It does not cover action
> requests, so I created my own one, Tapestry Security, not released yet.
>
> --
> Thiago H. de Paula Figueiredo
> Independent Java, Apache Tapestry 5 and Hibernate consultant, developer,
> and instructor
> Owner, software architect and developer, Ars Machina Tecnologia da
> Informação Ltda.
> http://www.arsmachina.com.br
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
>
--
View this message in context: http://old.nabble.com/Login-Filter%2C-tp26525297p26708778.html
Sent from the Tapestry - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Login Filter,
Posted by "Thiago H. de Paula Figueiredo" <th...@gmail.com>.
Em Thu, 26 Nov 2009 07:27:16 -0200, Juan E. Maya <ma...@gmail.com>
escreveu:
> or Tapestry-Spring-Security Integration
I don't recommend it because the checks are made in the setup render
event, *after* the activate (onActivate()) one. It does not cover action
requests, so I created my own one, Tapestry Security, not released yet.
--
Thiago H. de Paula Figueiredo
Independent Java, Apache Tapestry 5 and Hibernate consultant, developer,
and instructor
Owner, software architect and developer, Ars Machina Tecnologia da
Informação Ltda.
http://www.arsmachina.com.br
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Login Filter,
Posted by "Juan E. Maya" <ma...@gmail.com>.
U coud also use the Chennilekit Access Module:
http://www.chenillekit.org/chenillekit-access/index.html
or Tapestry-Spring-Security Integration
Or if u want to do everything by yourself u can check their source code.
http://www.localhost.nu/java/tapestry-spring-security/
On Thu, Nov 26, 2009 at 10:03 AM, sandeepraj singh
<sa...@atosorigin.com> wrote:
>
> Hi,
> I have the following requirement for my application
>
> Develop a Tapestry login check Filter which
>
> (a) Avoids direct hit to any page in my application without logging in, if
> anyone does that, he should be redirected to the login page.
>
> (b) After session expiry if we do any action, It should be redirected to the
> login page.
>
> Could you suggest a good strategy. Can we make such checks in myFilter which
> extends Tapestry5 filter?
>
> Thanks
> sandeep
> --
> View this message in context: http://old.nabble.com/Login-Filter%2C-tp26525297p26525297.html
> Sent from the Tapestry - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org