You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@myfaces.apache.org by Matthias Wessendorf <ma...@matthias-wessendorf.de> on 2005/03/16 16:28:57 UTC

[Shale] using Commons Chain

Hi Craig,

I am wondering, why you provide a chain catalog inside of WEB-INF/ in
use-cases web app?
Only for "Disallow direct access to JSP and JSFP resources" ?


***snip***

<command
   className="org.apache.shale.application.ContextRelativePathFilter"
   includes="\S*\.faces,\S*\.html,\S*\.gif,\S*\.jpg,/index\.jsp"
   excludes="\S*\.jsp,\S*\.jspf"
/>

***snip***



And also I'd like to know if it is posible to place *custom* commands
inside that chain? (<chain name="preprocess">).

And if posible, how? and why? :-)
(what about Authentication ?)

(not really familiar with Commons Chain, only read about it a bit on
"onjava.com")


Thanks,
Matthias

Re: [Shale] using Commons Chain

Posted by Craig McClanahan <cr...@gmail.com>.

On Wed, 16 Mar 2005 16:28:57 +0100, Matthias Wessendorf
<ma...@matthias-wessendorf.de> wrote:
> Hi Craig,
> 
> I am wondering, why you provide a chain catalog inside of WEB-INF/ in
> use-cases web app?
> Only for "Disallow direct access to JSP and JSFP resources" ?

The Shale version of the Struts "request processor" concept is
implemented with a Filter that in turn executes a [chain] Command (in
core-library, see src/java/org/apache/shale/faces/shale-config.xml)
for every request.  In turn, this chain allows you to optionally
customize the overall behavior by defining your own "preprocess" and
"postprocess" chains in the "shale" catalog, without modifying the
standard one.

Several useful filtering commands that you might want to include can
be found in the org.apache.shale.application package.  The "use cases"
example happens to use one of the (the regular expression filter) to
enforce the "no direct access to a JSP page" rule.

> 
> ***snip***
> 
> <command
>    className="org.apache.shale.application.ContextRelativePathFilter"
>    includes="\S*\.faces,\S*\.html,\S*\.gif,\S*\.jpg,/index\.jsp"
>    excludes="\S*\.jsp,\S*\.jspf"
> />
> 
> ***snip***
> 
> And also I'd like to know if it is posible to place *custom* commands
> inside that chain? (<chain name="preprocess">).

Sure -- just define your own "preprocess" chain in the "shale"
catalog, just like the Use Cases application does, and include
whatever Command implementations you want.  The chain running inside
Shale executes the "preprocess" chain (if it exists ... it doesn't
unless you actually create one) at the beginning of each request.

> 
> And if posible, how? and why? :-)
> (what about Authentication ?)

Authentication, in the sense that something like SecurityFilter does
it, could be enforced at this level -- although it will require a bit
of manipulation of the context object to replace the wrapped request
with one that has the simulated credentials.  Much easier would be a
Command that just verifies the current user is logged on (by seeing if
an object is in session scope under a known key).

> 
> (not really familiar with Commons Chain, only read about it a bit on
> "onjava.com")

The website for [chain] has some useful information in the "Cookbook"
section, as well as a pointer to the current Javadocs:

  http://jakarta.apache.org/commons/chain/

> 
> Thanks,
> Matthias
> 
> 

Craig