You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tapestry.apache.org by vi...@comcast.net on 2004/06/09 18:55:53 UTC
Field level authorization
Hi,
How can I implement field level authorization in Tapestry ? I need to be able to
display fields based on user roles.
I have done that in JSP's using custom tags with JAAS and EJB methods permission
on the backend with specified roles and using JBoss's DataBaseLoginModule.
I have gone through the archives and would appreciate if anyone could send me a working example.I have read 2 examples in the archives-1 of overriding IEngine to get a custom Monitor and overriding the serviceBegin method of the Custom monitor and the other one was using properties within page for permissions and using a base page classs for all components ??
I appreciate any input.
Thanks in advance,
Vijay
> Hello,
>
> I have a foreach loop that surrounds a RenderBlock and a couple of Blocks.
> One of the blocks contains a PropertySelection Component that has a informal
> parameter
> " onClick="javascript:this.form.submit() ", so that when one of the entries is
> clicked the form is submitted .
> This block is called multiple times by the RenderComponent, so the form has
> multiple PropertySelection components.
>
> When a user makes a selection in one of the PropertySelection's a form listener
> is fired, but I have no clue at what PropertySelection the user clicked.
>
> I could use a hint on how to find out the right PropertySelection.
>
> Regards,
>
> Diego
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tapestry-user-help@jakarta.apache.org
Re: Field level authorization
Posted by Erik Hatcher <er...@ehatchersolutions.com>.
On Jun 9, 2004, at 12:55 PM, vijay172@comcast.net wrote:
> How can I implement field level authorization in Tapestry ? I need to
> be able to
> display fields based on user roles.
>
> I have done that in JSP's using custom tags with JAAS and EJB methods
> permission
> on the backend with specified roles and using JBoss's
> DataBaseLoginModule.
It would be similar in Tapestry. You could (as we have) implement an
IsUserInRole component which is basically a conditional which renders
or does not render its body based on the same J2EE role check you would
use in JSP custom tags (request.isUserInRole()).
Or maybe use the disabled flag that exists on all the field components.
If you did this, the fields would still render, but the values would
not update (this is a server-side thing, not client-side).
Or you could create your own versions of the field components
(aggregating the built-in ones) that does the appropriate thing inside.
Erik
---------------------------------------------------------------------
To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tapestry-user-help@jakarta.apache.org