You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tapestry.apache.org by Thiago H de Paula Figueiredo <th...@arsmachina.com.br> on 2013/08/05 22:13:54 UTC
Proposal for a new book: Mastering Apache Tapestry
Hi!
I've said a handful of times in this mailing list that I'd love to write a
book on Tapestry. With crowdsourcing sites like Kickstarter and Indiegogo,
I can check whether there's demand enough for the book before writing. In
addition, it seems I'll have the free time needed to start working
seriously on it. (By the way, if you need Tapestry consulting or
development, e-mail me!).
Igor already wrote a very nice book about Tapestry, more targeted at
people trying to learn the framework, so I won't replicate his effort.
Instead, I'm thinking at complementing it. I'm thinking of the following
question that may be asked by someone who finished Igor's book: now that I
can write webapps in Tapestry, what else could I learn to have a deep,
even internal knowledge of it, so I know what to look to implement more
advanced, specific stuff that uses the framework flexibility to suit my
needs?
I've written a proposal of the table of contents at
http://www.arsmachina.com.br/masteringApacheTapestry.html. Feel free to
suggest anything about it.
Some notes:
* It may look wrong in the beggining, but the book starts with a deep look
at Tapestry-IoC. Everything else in the book will need T-IoC. And, if you
really want to dive deep into Tapestry-core, you'll need to know T-IoC
very well.
* There will be lots of code examples. Ideally, one for anything which
could be better exemplified with code. They'll be freely downloadable,
probably with their sources in GitHub.
* I thought about a cookbook section, but I'm not sure what people would
find interesting.
* You may suggest by asking questions about Tapestry or how to implement
something with it, even if it sounds preposterous.
* At least for now, an A4-formatted (for better viewing of code examples),
DRM-free PDF file will be only option available.
* I haven't defined the price yet, but it'll be in the 20 to 30 dollars
range, probably in the middle.
* I'll just create the Indiegogo campaign if there's enough buzz in the
mailing list. Kickstarter isn't an option because, as you may already
know, I'm a Brazilian living in Brazil and Kickstarter only accepts
campaigns from USA citizens.
What do you guys think? All feedback is welcome. :)
Cheers!
--
Thiago H. de Paula Figueiredo
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Proposal for a new book: Mastering Apache Tapestry
Posted by Muhammad Gelbana <m....@gmail.com>.
>
>
> Thiago:
> I think this is out of the focus of the book. I don't plan to include
> chapters or sections that demand knowing stuff which isn't Tapestry or
> Tapestry-IoC.
That alone makes me very excited for the book :)
Tapestry is a marvelous framework. Made by developers for developers (Not
sure if I made that up or read it somewhere but I believe its true).
The main problem I have with tapestry is that I have no clear idea how it
works, specifically the web part, pages, *components*, ajax-enabled
components.
I would REALLY love to have the knowledge to reverse engineer or do ANY
type of component I need with tapestry. Ajax ones, ones repeated across
different pages so that I only write a component once and use it multiple
times and any other kind of components because that's the part I usually
have trouble with.
Sounds easy but then comes mysterious services\patterns like enviromental,
heartbeat (Whats a heartbeat in tapestry ?!) and other stuff I cannot
remember but when I open a component's source code to learn how it works, I
usually get stuck in a very complex model that I can't even understand in a
timely manner :(
I wish I had time to dissect tapestry and learn how it works. I'm sure I'll
learn many things other than how tapestry works.
Thank you Thiago for your initiative. I'd really love reading such a book.
One last note, I'm afraid if such a book targets 5.4, another book will be
needed for 5.5 if a big change is made in tapestry. I definitely want
tapestry to change rather than books being published but what do you think
about such a drawback ?
Why don't we -as a community- collaborate towards a Web magazine/journal or
> any other form of periodic publication ?
Regards, and good luck.
On Wed, Aug 7, 2013 at 1:52 PM, Thiago H de Paula Figueiredo <
thiagohp@gmail.com> wrote:
> Hello, Norman!
>
> That's exactly the feedback I was looking for. Thank you very, very much!
> Yeah, you've convinced me of talking about security, even if it's just one
> security framework (Shiro) and explaining just the core concepts and how to
> make them work in Tapestry. It wouldn't make sense to make a book on
> Tapestry to talk in depth about other framework (Shiro). I've never used
> Shiro myself, but I'll learn it, that's something I was planning to do
> anyway. :) I'll answer your other points in another message.
>
>
> On Tue, 06 Aug 2013 19:20:08 -0300, Norman Franke <no...@myasd.com>
> wrote:
>
> On Aug 6, 2013, at 7:22 AM, Thiago H de Paula Figueiredo <
>> thiagohp@gmail.com> wrote:
>>
>> Some topics I'd be interested in:
>>>> - Application security, authentication and authorization- best practices
>>>> with several popular frameworks
>>>>
>>>
>>> Several popular frameworks? Which ones?
>>>
>>> Doesn't this fall a little over the focus of the book, which is Tapestry
>>> itself? The book can talk about setting up Apache Shiro via
>>> tapestry-security, for example, but then talking about Shiro specifically
>>> looks like lack of coesion (in the OOP sense) to me. Of course, security is
>>> very important.
>>>
>>
>> I think the fact that Tapestry doesn't offer a security framework out of
>> the box is sort of silly in this day and age. I've never worked on a web
>> site that didn't need authentication and authorization support. So I
>> definitely think you should talk about it at least enough to implement a
>> non-trivial application with custom login pages and database-driven
>> users/roles. Going with whatever library is considered "best practice"
>> should be enough, e.g. tapestry-security. Maybe best practice has yet to be
>> written.
>>
>> Solutions like tapestry-security cache page requires roles and changes
>> don't take effect until you restart. Shiro caches roles between sessions,
>> too, which leads to all sorts of problems if you change them. Basically, it
>> still doesn't "just work" and a working, flexible solution needs to be
>> there to use Tapestry for anything non-trivial.
>>
>> One thing that always messes me up, and for which I've still never found
>> a solution, is to have a login page loaded with HTTPS, form submission via
>> HTTPS and then switch back to normal HTTP for performance. It just won't
>> work due to the secure cookies. This is but one challenge to writing a
>> full-featured application.
>>
>> Other topic ideas and elaborations on your ideas:
>>
>> 1. A decent example to do Grid Data Sources. I've written my own class,
>> SQLQueryGridDataSource to make up for the inflexibility of Tapestry's
>> built-in classes. You are welcome to my class, if desired. I'm sure just
>> about everyone has written their own to be more flexible than
>> HibernateGridDataSource.
>>
>> 2. AJAX: the biggest issue I've faced is wanting to put forms inside of a
>> popup dialog, e.g. Modalbox. I'd love to see a well-written example that
>> just works, including form validation (client and server). I've hacked up
>> something that works for me, but it's not a component because the
>> JavaScript needs to know too much about the page. I'm sure it's possible, I
>> just haven't explored it enough. Another one is how to use something like
>> Modalbox to do a confirm delete dialog on a button or link.
>>
>> 3. As many examples of customizing built-in Tapestry behavior as possible
>> would be great. For example, I wrote a validator contribution that looks in
>> .properties files so you can add validators to BeanEditorForms easily. That
>> sort of stuff is nice to see how it should be done well, for example, I
>> never could figure out how to allow for .properties inheritance (e.g.
>> component, page, application-level.)
>>
>> 4. You have symbols listed. A nice description of some of the more useful
>> ones would be great.
>>
>> 5. Load balancing and Tapestry under Tomcat and whatever other containers
>> are popular. Included should be techniques to minimize session state while
>> keeping excellent performance.
>>
>> 6. Publish and Subscribe, maybe via cometd. Integrating Apache CXF, too
>> (as client and server.)
>>
>> 7. Elegant ways to extend Grids to support multiple HTML rows per data
>> row. A more clever way to set default sorting. An example where you store
>> sort order as preferences (e.g. in a database).
>>
>> 8. Provide a library that implements a lot of the more commonly needed
>> stuff, like #1, #2, a click once, ajax spinner, JodaTime support, etc.
>>
>> 9. Widget integration best practices (AJAX and non-AJAX.) Probably
>> sticking to jQuery, since that seems to be the way of the future.
>>
>> Anyway, I'd be interested in such a book. If you want to do Kickstarter,
>> maybe Howard can "sponsor" it?
>>
>> Norman Franke
>> Answering Service for Directors, Inc.
>> www.myasd.com
>>
>>
>
> --
> Thiago H. de Paula Figueiredo
>
> ------------------------------**------------------------------**---------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.**apache.org<us...@tapestry.apache.org>
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
Re: Proposal for a new book: Mastering Apache Tapestry
Posted by Thiago H de Paula Figueiredo <th...@gmail.com>.
Hello, Norman!
That's exactly the feedback I was looking for. Thank you very, very much!
Yeah, you've convinced me of talking about security, even if it's just one
security framework (Shiro) and explaining just the core concepts and how
to make them work in Tapestry. It wouldn't make sense to make a book on
Tapestry to talk in depth about other framework (Shiro). I've never used
Shiro myself, but I'll learn it, that's something I was planning to do
anyway. :) I'll answer your other points in another message.
On Tue, 06 Aug 2013 19:20:08 -0300, Norman Franke <no...@myasd.com> wrote:
> On Aug 6, 2013, at 7:22 AM, Thiago H de Paula Figueiredo
> <th...@gmail.com> wrote:
>
>>> Some topics I'd be interested in:
>>> - Application security, authentication and authorization- best
>>> practices
>>> with several popular frameworks
>>
>> Several popular frameworks? Which ones?
>>
>> Doesn't this fall a little over the focus of the book, which is
>> Tapestry itself? The book can talk about setting up Apache Shiro via
>> tapestry-security, for example, but then talking about Shiro
>> specifically looks like lack of coesion (in the OOP sense) to me. Of
>> course, security is very important.
>
> I think the fact that Tapestry doesn't offer a security framework out of
> the box is sort of silly in this day and age. I've never worked on a web
> site that didn't need authentication and authorization support. So I
> definitely think you should talk about it at least enough to implement a
> non-trivial application with custom login pages and database-driven
> users/roles. Going with whatever library is considered "best practice"
> should be enough, e.g. tapestry-security. Maybe best practice has yet to
> be written.
>
> Solutions like tapestry-security cache page requires roles and changes
> don't take effect until you restart. Shiro caches roles between
> sessions, too, which leads to all sorts of problems if you change them.
> Basically, it still doesn't "just work" and a working, flexible solution
> needs to be there to use Tapestry for anything non-trivial.
>
> One thing that always messes me up, and for which I've still never found
> a solution, is to have a login page loaded with HTTPS, form submission
> via HTTPS and then switch back to normal HTTP for performance. It just
> won't work due to the secure cookies. This is but one challenge to
> writing a full-featured application.
>
> Other topic ideas and elaborations on your ideas:
>
> 1. A decent example to do Grid Data Sources. I've written my own class,
> SQLQueryGridDataSource to make up for the inflexibility of Tapestry's
> built-in classes. You are welcome to my class, if desired. I'm sure just
> about everyone has written their own to be more flexible than
> HibernateGridDataSource.
>
> 2. AJAX: the biggest issue I've faced is wanting to put forms inside of
> a popup dialog, e.g. Modalbox. I'd love to see a well-written example
> that just works, including form validation (client and server). I've
> hacked up something that works for me, but it's not a component because
> the JavaScript needs to know too much about the page. I'm sure it's
> possible, I just haven't explored it enough. Another one is how to use
> something like Modalbox to do a confirm delete dialog on a button or
> link.
>
> 3. As many examples of customizing built-in Tapestry behavior as
> possible would be great. For example, I wrote a validator contribution
> that looks in .properties files so you can add validators to
> BeanEditorForms easily. That sort of stuff is nice to see how it should
> be done well, for example, I never could figure out how to allow for
> .properties inheritance (e.g. component, page, application-level.)
>
> 4. You have symbols listed. A nice description of some of the more
> useful ones would be great.
>
> 5. Load balancing and Tapestry under Tomcat and whatever other
> containers are popular. Included should be techniques to minimize
> session state while keeping excellent performance.
>
> 6. Publish and Subscribe, maybe via cometd. Integrating Apache CXF, too
> (as client and server.)
>
> 7. Elegant ways to extend Grids to support multiple HTML rows per data
> row. A more clever way to set default sorting. An example where you
> store sort order as preferences (e.g. in a database).
>
> 8. Provide a library that implements a lot of the more commonly needed
> stuff, like #1, #2, a click once, ajax spinner, JodaTime support, etc.
>
> 9. Widget integration best practices (AJAX and non-AJAX.) Probably
> sticking to jQuery, since that seems to be the way of the future.
>
> Anyway, I'd be interested in such a book. If you want to do Kickstarter,
> maybe Howard can "sponsor" it?
>
> Norman Franke
> Answering Service for Directors, Inc.
> www.myasd.com
>
--
Thiago H. de Paula Figueiredo
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Proposal for a new book: Mastering Apache Tapestry
Posted by Norman Franke <no...@myasd.com>.
On Aug 6, 2013, at 7:22 AM, Thiago H de Paula Figueiredo <th...@gmail.com> wrote:
>> Some topics I'd be interested in:
>> - Application security, authentication and authorization- best practices
>> with several popular frameworks
>
> Several popular frameworks? Which ones?
>
> Doesn't this fall a little over the focus of the book, which is Tapestry itself? The book can talk about setting up Apache Shiro via tapestry-security, for example, but then talking about Shiro specifically looks like lack of coesion (in the OOP sense) to me. Of course, security is very important.
I think the fact that Tapestry doesn't offer a security framework out of the box is sort of silly in this day and age. I've never worked on a web site that didn't need authentication and authorization support. So I definitely think you should talk about it at least enough to implement a non-trivial application with custom login pages and database-driven users/roles. Going with whatever library is considered "best practice" should be enough, e.g. tapestry-security. Maybe best practice has yet to be written.
Solutions like tapestry-security cache page requires roles and changes don't take effect until you restart. Shiro caches roles between sessions, too, which leads to all sorts of problems if you change them. Basically, it still doesn't "just work" and a working, flexible solution needs to be there to use Tapestry for anything non-trivial.
One thing that always messes me up, and for which I've still never found a solution, is to have a login page loaded with HTTPS, form submission via HTTPS and then switch back to normal HTTP for performance. It just won't work due to the secure cookies. This is but one challenge to writing a full-featured application.
Other topic ideas and elaborations on your ideas:
1. A decent example to do Grid Data Sources. I've written my own class, SQLQueryGridDataSource to make up for the inflexibility of Tapestry's built-in classes. You are welcome to my class, if desired. I'm sure just about everyone has written their own to be more flexible than HibernateGridDataSource.
2. AJAX: the biggest issue I've faced is wanting to put forms inside of a popup dialog, e.g. Modalbox. I'd love to see a well-written example that just works, including form validation (client and server). I've hacked up something that works for me, but it's not a component because the JavaScript needs to know too much about the page. I'm sure it's possible, I just haven't explored it enough. Another one is how to use something like Modalbox to do a confirm delete dialog on a button or link.
3. As many examples of customizing built-in Tapestry behavior as possible would be great. For example, I wrote a validator contribution that looks in .properties files so you can add validators to BeanEditorForms easily. That sort of stuff is nice to see how it should be done well, for example, I never could figure out how to allow for .properties inheritance (e.g. component, page, application-level.)
4. You have symbols listed. A nice description of some of the more useful ones would be great.
5. Load balancing and Tapestry under Tomcat and whatever other containers are popular. Included should be techniques to minimize session state while keeping excellent performance.
6. Publish and Subscribe, maybe via cometd. Integrating Apache CXF, too (as client and server.)
7. Elegant ways to extend Grids to support multiple HTML rows per data row. A more clever way to set default sorting. An example where you store sort order as preferences (e.g. in a database).
8. Provide a library that implements a lot of the more commonly needed stuff, like #1, #2, a click once, ajax spinner, JodaTime support, etc.
9. Widget integration best practices (AJAX and non-AJAX.) Probably sticking to jQuery, since that seems to be the way of the future.
Anyway, I'd be interested in such a book. If you want to do Kickstarter, maybe Howard can "sponsor" it?
Norman Franke
Answering Service for Directors, Inc.
www.myasd.com
Re: Proposal for a new book: Mastering Apache Tapestry
Posted by Thiago H de Paula Figueiredo <th...@gmail.com>.
On Tue, 06 Aug 2013 16:50:53 -0300, Matheus Eduardo Machado Moreira
<ma...@gmail.com> wrote:
> It would be good to have a nice book about Tapestry-IOC. And your
> explanations about the container could use a lot of Tapestry (web
> framework) code. This could be a good strategy to a deep understanding
> about IOC and Core at the same time.
Agreed.
> "Integration" is a subject in my mind too. It would be good to have
> several examples that map to integrations that Spring provides
> out-of-the-box. This part of the book could refer to existing Tapestry
> plugins and analyse them or you could show how to write (or how to start
> writing) integrations and services that provide similar features provided
> by Spring.
This is all implemented basically by providing some beans/services and, in
some cases, implementing AOP (decoration, advice) on them, so the
Tapestry-IoC outline I provided already covers that, even if not
explicitly.
> One framework that came to my mind, that is awsome and have a nice
> Spring integration, is Apache Camel.
I think this is out of the focus of the book. I don't plan to include
chapters or sections that demand knowing stuff which isn't Tapestry or
Tapestry-IoC.
--
Thiago H. de Paula Figueiredo
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Proposal for a new book: Mastering Apache Tapestry
Posted by Matheus Eduardo Machado Moreira <ma...@gmail.com>.
It would be good to have a nice book about Tapestry-IOC. And your
explanations about the container could use a lot of Tapestry (web
framework) code. This could be a good strategy to a deep understanding
about IOC and Core at the same time.
"Integration" is a subject in my mind too. It would be good to have
several examples that map to integrations that Spring provides
out-of-the-box. This part of the book could refer to existing Tapestry
plugins and analyse them or you could show how to write (or how to start
writing) integrations and services that provide similar features provided
by Spring.
One framework that came to my mind, that is awsome and have a nice
Spring integration, is Apache Camel.
Atenciosamente,
Matheus Eduardo Machado Moreira
matheus.emm@gmail.com
2013/8/6 Onno Scheffers <on...@piraya.nl>
> >
> >
> > Some topics I'd be interested in:
> >> - Application security, authentication and authorization- best practices
> >> with several popular frameworks
> >>
> >
> > Several popular frameworks? Which ones?
> >
>
> I'd say the most popular ones are Shiro and Spring Security. So far I have
> only rolled my own based on the blog article by Howard a while ago.
> I see questions about authentication/authorization in Tapestry popup quite
> a bit so it deserves some attention, since pretty much any application
> requires it and it would really help if some popular solutions are
> explained in one place.
>
>
>
> > This is already covered in Igor's book, so I'm not sure my one really
> > needs to talk about it too. Anyway, using Spring beans in Tapestry-IoC is
> > easy.
> >
>
> To me it makes sense to at least show an example in a book because it is
> such a popular choice and so many people are familiar with it. I must admit
> I haven't read all of Igor's book yet. Sadly most of the projects that pay
> the bills for me do not include any Tapestry, so that book keeps getting
> pushed to the bottom of the stack, even though I really like what I have
> read so far.
>
>
> regards,
>
> Onno
>
Re: Proposal for a new book: Mastering Apache Tapestry
Posted by Onno Scheffers <on...@piraya.nl>.
>
>
> Some topics I'd be interested in:
>> - Application security, authentication and authorization- best practices
>> with several popular frameworks
>>
>
> Several popular frameworks? Which ones?
>
I'd say the most popular ones are Shiro and Spring Security. So far I have
only rolled my own based on the blog article by Howard a while ago.
I see questions about authentication/authorization in Tapestry popup quite
a bit so it deserves some attention, since pretty much any application
requires it and it would really help if some popular solutions are
explained in one place.
> This is already covered in Igor's book, so I'm not sure my one really
> needs to talk about it too. Anyway, using Spring beans in Tapestry-IoC is
> easy.
>
To me it makes sense to at least show an example in a book because it is
such a popular choice and so many people are familiar with it. I must admit
I haven't read all of Igor's book yet. Sadly most of the projects that pay
the bills for me do not include any Tapestry, so that book keeps getting
pushed to the bottom of the stack, even though I really like what I have
read so far.
regards,
Onno
Re: Proposal for a new book: Mastering Apache Tapestry
Posted by Thiago H de Paula Figueiredo <th...@gmail.com>.
On Tue, 06 Aug 2013 07:52:50 -0300, Onno Scheffers <on...@piraya.nl> wrote:
> Looking forward to this.
> More books will be good for Tapestry, especially when they start covering
> more advanced topics such as in-depth Tapestry IOC. I will buy a copy.
Nice! :)
> Some topics I'd be interested in:
> - Application security, authentication and authorization- best practices
> with several popular frameworks
Several popular frameworks? Which ones?
Doesn't this fall a little over the focus of the book, which is Tapestry
itself? The book can talk about setting up Apache Shiro via
tapestry-security, for example, but then talking about Shiro specifically
looks like lack of coesion (in the OOP sense) to me. Of course, security
is very important.
> - Spring integration
This is already covered in Igor's book, so I'm not sure my one really
needs to talk about it too. Anyway, using Spring beans in Tapestry-IoC is
easy.
Thanks for the suggestions!
--
Thiago H. de Paula Figueiredo
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Proposal for a new book: Mastering Apache Tapestry
Posted by Onno Scheffers <on...@piraya.nl>.
Looking forward to this.
More books will be good for Tapestry, especially when they start covering
more advanced topics such as in-depth Tapestry IOC. I will buy a copy.
Some topics I'd be interested in:
- Application security, authentication and authorization- best practices
with several popular frameworks
- Spring integration
- Onno
On Mon, Aug 5, 2013 at 10:13 PM, Thiago H de Paula Figueiredo <
thiago@arsmachina.com.br> wrote:
> Hi!
>
> I've said a handful of times in this mailing list that I'd love to write a
> book on Tapestry. With crowdsourcing sites like Kickstarter and Indiegogo,
> I can check whether there's demand enough for the book before writing. In
> addition, it seems I'll have the free time needed to start working
> seriously on it. (By the way, if you need Tapestry consulting or
> development, e-mail me!).
>
> Igor already wrote a very nice book about Tapestry, more targeted at
> people trying to learn the framework, so I won't replicate his effort.
> Instead, I'm thinking at complementing it. I'm thinking of the following
> question that may be asked by someone who finished Igor's book: now that I
> can write webapps in Tapestry, what else could I learn to have a deep, even
> internal knowledge of it, so I know what to look to implement more
> advanced, specific stuff that uses the framework flexibility to suit my
> needs?
>
> I've written a proposal of the table of contents at
> http://www.arsmachina.com.br/**masteringApacheTapestry.html<http://www.arsmachina.com.br/masteringApacheTapestry.html>.
> Feel free to suggest anything about it.
>
> Some notes:
>
> * It may look wrong in the beggining, but the book starts with a deep look
> at Tapestry-IoC. Everything else in the book will need T-IoC. And, if you
> really want to dive deep into Tapestry-core, you'll need to know T-IoC very
> well.
>
> * There will be lots of code examples. Ideally, one for anything which
> could be better exemplified with code. They'll be freely downloadable,
> probably with their sources in GitHub.
>
> * I thought about a cookbook section, but I'm not sure what people would
> find interesting.
>
> * You may suggest by asking questions about Tapestry or how to implement
> something with it, even if it sounds preposterous.
>
> * At least for now, an A4-formatted (for better viewing of code examples),
> DRM-free PDF file will be only option available.
>
> * I haven't defined the price yet, but it'll be in the 20 to 30 dollars
> range, probably in the middle.
>
> * I'll just create the Indiegogo campaign if there's enough buzz in the
> mailing list. Kickstarter isn't an option because, as you may already know,
> I'm a Brazilian living in Brazil and Kickstarter only accepts campaigns
> from USA citizens.
>
> What do you guys think? All feedback is welcome. :)
>
> Cheers!
>
> --
> Thiago H. de Paula Figueiredo
>
> ------------------------------**------------------------------**---------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.**apache.org<us...@tapestry.apache.org>
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
Re: Proposal for a new book: Mastering Apache Tapestry
Posted by Thiago H de Paula Figueiredo <th...@gmail.com>.
Back to the discussion. :)
On Thu, 08 Aug 2013 06:50:16 -0300, Geoff Callender
<ge...@gmail.com> wrote:
> I completely agree. If the aim is to help Tapestry then why not do as
> described below by Alessi?
Alessi's suggestion looks quite good to me. I'd describe it as releasing
minibooks. :) I'm just afraid that this would cause harm to Tapestry
image, as some people would feel that this is something like charging for
documentation, something that wouldn't happen with a book. What do you
think?
> Equally useful, in my opinion, would be to contribute "advanced topic"
> pages to Tapestry's web documentation. You would reach a much bigger
> audience. You could reach them sooner, because the contributions can be
> incremental. You could be responsive and up-to-date, because it's a
> cinch to modify.
>
> Besides, you know there's no money in technical books these days, yeah?
I'll talk to it in a different thread.
> Nonetheless, Thiago, I applaud your enthusiasm and your massive ongoing
> contribution to Tapestry.
Thanks! :)
--
Thiago H. de Paula Figueiredo
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Proposal for a new book: Mastering Apache Tapestry
Posted by Alessio Gambi <ag...@gmail.com>.
Another topic of great impact would be 'design methodologies with tapestry': By just knowing the main features of the framework (Ioc, components, ...) and without considering its internals what one can say about best design practices? Are there any suggested workflows of design that exploit tapestry-provided features? Some de-facto standards?
Two critical points:
- not limit yourself to Web apps, even if they are the great majority if t5 based software
- it's important to explain WHY one design choice is better than another when using T5
Cheers
-- Alessio
On 8-ago-2013, at 20:54, Bogdan Ivascu <iv...@gmail.com> wrote:
> I would find a Tapestry book covering in depth Tap-Ioc very appealing.
> Another area of great interest for me is the client side part of Tapestry
> as I find myself writing more and more client side code these days. In
> depth ajax coverage would be a great addition to existing material, in my
> opinion.
> Securing tapestry pages also comes to mind.
> I read above Apache Camel, very interesting idea.
>
>
> On Thu, Aug 8, 2013 at 5:50 AM, Geoff Callender <
> geoff.callender.jumpstart@gmail.com> wrote:
>
>> I completely agree. If the aim is to help Tapestry then why not do as
>> described below by Alessi?
>>
>> Equally useful, in my opinion, would be to contribute "advanced topic"
>> pages to Tapestry's web documentation. You would reach a much bigger
>> audience. You could reach them sooner, because the contributions can be
>> incremental. You could be responsive and up-to-date, because it's a cinch
>> to modify.
>>
>> Besides, you know there's no money in technical books these days, yeah?
>>
>> Nonetheless, Thiago, I applaud your enthusiasm and your massive ongoing
>> contribution to Tapestry.
>>
>> Cheers,
>>
>> Geoff
>>
>> On 07/08/2013, at 4:35 PM, Alessio Gambi wrote:
>>
>>>> I am not sure that there is enough of an audience for two books.
>>>> Perhaps you can cooperate with Igor to get your content into his book?
>>>> There would be a lot of marketing synergy there at least.
>>> Writing a book is a huge commitment and takes usually a lot of time; and
>> if we consider the fast pace at which T5 is evolving lately I do not think
>> that writing another one-man-book is the best strategy.
>>>
>>> Why don't we -as a community- collaborate towards a Web magazine/journal
>> or any other form of periodic publication ?
>>>
>>> Main reasons that I see in favor of this more flexible (agile if you
>> like):
>>>
>>> - papers are more focused and requires in general less effort than a
>> book. They have a fixed number of pages so authors are 'forced' to just say
>> what it is important... Extensive code and additional examples can be also
>> published somewhere else.
>>>
>>> - articles are cheaper (free if the authors wish) to sell and easier to
>> distribute (google scholar like)
>>>
>>> - several authors can contribute to a single article and several papers
>> can be merged into a more concrete/solid publications (book chapters).
>> Making collaboration a daily activity.
>>>
>>> - committers and other members of the community can contribute also by
>> reviewing the various contributions. This will raise the quality of the
>> publications and will give credibility to them.
>>> Remember that peer review is MUST be done in a voluntary fashion for
>> many reasons,
>>> I
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>>> For additional commands, e-mail: users-help@tapestry.apache.org
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>> For additional commands, e-mail: users-help@tapestry.apache.org
>>
>>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Proposal for a new book: Mastering Apache Tapestry
Posted by Bogdan Ivascu <iv...@gmail.com>.
I would find a Tapestry book covering in depth Tap-Ioc very appealing.
Another area of great interest for me is the client side part of Tapestry
as I find myself writing more and more client side code these days. In
depth ajax coverage would be a great addition to existing material, in my
opinion.
Securing tapestry pages also comes to mind.
I read above Apache Camel, very interesting idea.
On Thu, Aug 8, 2013 at 5:50 AM, Geoff Callender <
geoff.callender.jumpstart@gmail.com> wrote:
> I completely agree. If the aim is to help Tapestry then why not do as
> described below by Alessi?
>
> Equally useful, in my opinion, would be to contribute "advanced topic"
> pages to Tapestry's web documentation. You would reach a much bigger
> audience. You could reach them sooner, because the contributions can be
> incremental. You could be responsive and up-to-date, because it's a cinch
> to modify.
>
> Besides, you know there's no money in technical books these days, yeah?
>
> Nonetheless, Thiago, I applaud your enthusiasm and your massive ongoing
> contribution to Tapestry.
>
> Cheers,
>
> Geoff
>
> On 07/08/2013, at 4:35 PM, Alessio Gambi wrote:
>
> >> I am not sure that there is enough of an audience for two books.
> >> Perhaps you can cooperate with Igor to get your content into his book?
> >> There would be a lot of marketing synergy there at least.
> > Writing a book is a huge commitment and takes usually a lot of time; and
> if we consider the fast pace at which T5 is evolving lately I do not think
> that writing another one-man-book is the best strategy.
> >
> > Why don't we -as a community- collaborate towards a Web magazine/journal
> or any other form of periodic publication ?
> >
> > Main reasons that I see in favor of this more flexible (agile if you
> like):
> >
> > - papers are more focused and requires in general less effort than a
> book. They have a fixed number of pages so authors are 'forced' to just say
> what it is important... Extensive code and additional examples can be also
> published somewhere else.
> >
> > - articles are cheaper (free if the authors wish) to sell and easier to
> distribute (google scholar like)
> >
> > - several authors can contribute to a single article and several papers
> can be merged into a more concrete/solid publications (book chapters).
> Making collaboration a daily activity.
> >
> > - committers and other members of the community can contribute also by
> reviewing the various contributions. This will raise the quality of the
> publications and will give credibility to them.
> > Remember that peer review is MUST be done in a voluntary fashion for
> many reasons,
> > I
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> > For additional commands, e-mail: users-help@tapestry.apache.org
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
Re: Proposal for a new book: Mastering Apache Tapestry
Posted by Geoff Callender <ge...@gmail.com>.
I completely agree. If the aim is to help Tapestry then why not do as described below by Alessi?
Equally useful, in my opinion, would be to contribute "advanced topic" pages to Tapestry's web documentation. You would reach a much bigger audience. You could reach them sooner, because the contributions can be incremental. You could be responsive and up-to-date, because it's a cinch to modify.
Besides, you know there's no money in technical books these days, yeah?
Nonetheless, Thiago, I applaud your enthusiasm and your massive ongoing contribution to Tapestry.
Cheers,
Geoff
On 07/08/2013, at 4:35 PM, Alessio Gambi wrote:
>> I am not sure that there is enough of an audience for two books.
>> Perhaps you can cooperate with Igor to get your content into his book?
>> There would be a lot of marketing synergy there at least.
> Writing a book is a huge commitment and takes usually a lot of time; and if we consider the fast pace at which T5 is evolving lately I do not think that writing another one-man-book is the best strategy.
>
> Why don't we -as a community- collaborate towards a Web magazine/journal or any other form of periodic publication ?
>
> Main reasons that I see in favor of this more flexible (agile if you like):
>
> - papers are more focused and requires in general less effort than a book. They have a fixed number of pages so authors are 'forced' to just say what it is important... Extensive code and additional examples can be also published somewhere else.
>
> - articles are cheaper (free if the authors wish) to sell and easier to distribute (google scholar like)
>
> - several authors can contribute to a single article and several papers can be merged into a more concrete/solid publications (book chapters). Making collaboration a daily activity.
>
> - committers and other members of the community can contribute also by reviewing the various contributions. This will raise the quality of the publications and will give credibility to them.
> Remember that peer review is MUST be done in a voluntary fashion for many reasons,
> I
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Proposal for a new book: Mastering Apache Tapestry
Posted by Alessio Gambi <ag...@gmail.com>.
Sorry ... The phone tricked me, and I send a draft of the email :)
If we pass over my syntactical and grammatical errors I think you will understand the main message anyway.
Cheers
-- Alessio
On 7-ago-2013, at 08:35, Alessio Gambi <ag...@gmail.com> wrote:
>> I am not sure that there is enough of an audience for two books.
>> Perhaps you can cooperate with Igor to get your content into his book?
>> There would be a lot of marketing synergy there at least.
> Writing a book is a huge commitment and takes usually a lot of time; and if we consider the fast pace at which T5 is evolving lately I do not think that writing another one-man-book is the best strategy.
>
> Why don't we -as a community- collaborate towards a Web magazine/journal or any other form of periodic publication ?
>
> Main reasons that I see in favor of this more flexible (agile if you like):
>
> - papers are more focused and requires in general less effort than a book. They have a fixed number of pages so authors are 'forced' to just say what it is important... Extensive code and additional examples can be also published somewhere else.
>
> - articles are cheaper (free if the authors wish) to sell and easier to distribute (google scholar like)
>
> - several authors can contribute to a single article and several papers can be merged into a more concrete/solid publications (book chapters). Making collaboration a daily activity.
>
> - committers and other members of the community can contribute also by reviewing the various contributions. This will raise the quality of the publications and will give credibility to them.
> Remember that peer review is MUST be done in a voluntary fashion for many reasons,
> I
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Proposal for a new book: Mastering Apache Tapestry
Posted by Alessio Gambi <ag...@gmail.com>.
> I am not sure that there is enough of an audience for two books.
> Perhaps you can cooperate with Igor to get your content into his book?
> There would be a lot of marketing synergy there at least.
Writing a book is a huge commitment and takes usually a lot of time; and if we consider the fast pace at which T5 is evolving lately I do not think that writing another one-man-book is the best strategy.
Why don't we -as a community- collaborate towards a Web magazine/journal or any other form of periodic publication ?
Main reasons that I see in favor of this more flexible (agile if you like):
- papers are more focused and requires in general less effort than a book. They have a fixed number of pages so authors are 'forced' to just say what it is important... Extensive code and additional examples can be also published somewhere else.
- articles are cheaper (free if the authors wish) to sell and easier to distribute (google scholar like)
- several authors can contribute to a single article and several papers can be merged into a more concrete/solid publications (book chapters). Making collaboration a daily activity.
- committers and other members of the community can contribute also by reviewing the various contributions. This will raise the quality of the publications and will give credibility to them.
Remember that peer review is MUST be done in a voluntary fashion for many reasons,
I
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Proposal for a new book: Mastering Apache Tapestry
Posted by Thiago H de Paula Figueiredo <th...@gmail.com>.
On Wed, 07 Aug 2013 12:51:22 -0300, Lenny Primak <lp...@hope.nyc.ny.us>
wrote:
> I look at it a different way.
> Tapestry is Tapestry. Most people who would buy the book won't be
> tapestry experts, and won't know which book to buy, which will add to
> the confusion.
One would have the word Advanced on it, the other wouldn't, so I see no
much confusion.
> Most technical books go from simple to more advanced, and don't make you
> buy an 'advanced' book. IoC, etc. chapters can be in the "Advanced"
> section.
That's a good point. On the other had, Igor's book is almost 500 pages
long already.
> Also, there is a huge downside to fragmentation. In my opinion, Java
> (et all) for all its greatness,
> and due to it's community involvement (which is a good thing) has one
> weak point- there are
> sometimes 1000s different ways to do the same thing, and can lead to
> choice anxiety
> http://jamesshelley.net/2011/08/choice-anxiety/ which can be paralyzing
> and wastes time.
I really don't know what's your point here because I see no fragmentation
at all. Igor's book is for people who don't know Tapestry well yet. Mine
would be for people who already know Tapestry well, but want to go deeper.
> If you want to limit your book for the experts, there are too few of
> those to be worthwhile,so, your book should be aimed at people who know
> nothing about tapestry-ioc, and the logical choice is to combine yours
> and Igor's efforts.
No, my book would be for people who want to be experts.
> I know it's cool (and easier) to try to publish your own book, but in
> this context, I don't think its a good idea to have more than one.
If they were covering the same stuff, I could agree with you. And some
people does use number of books as a way of comparing options.
--
Thiago H. de Paula Figueiredo
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Proposal for a new book: Mastering Apache Tapestry
Posted by Lenny Primak <lp...@hope.nyc.ny.us>.
I look at it a different way.
Tapestry is Tapestry. Most people who would buy the book won't be tapestry experts,
and won't know which book to buy, which will add to the confusion.
Most technical books go from simple to more advanced, and don't make you buy an 'advanced'
book. IoC, etc. chapters can be in the "Advanced" section.
Also, there is a huge downside to fragmentation. In my opinion, Java (et all) for all its greatness,
and due to it's community involvement (which is a good thing) has one weak point- there are
sometimes 1000s different ways to do the same thing, and can lead to choice anxiety
http://jamesshelley.net/2011/08/choice-anxiety/ which can be paralyzing and wastes time.
If you want to limit your book for the experts, there are too few of those to be worthwhile,
so, your book should be aimed at people who know nothing about tapestry-ioc,
and the logical choice is to combine yours and Igor's efforts.
I know it's cool (and easier) to try to publish your own book, but in this context,
I don't think its a good idea to have more than one.
On Aug 7, 2013, at 7:49 AM, Thiago H de Paula Figueiredo wrote:
> On Wed, 07 Aug 2013 01:34:30 -0300, Lenny Primak <lp...@hope.nyc.ny.us> wrote:
>
>> I was going to write a message, but most of what I wanted to say was already said.
>> I am not sure that there is enough of an audience for two books.
>
> Even if the two books cover have different content and focuses? Igor's book level is beginner to mid-level, mine would be mid-level to advanced, mostly advanced.
>
>> Perhaps you can cooperate with Igor to get your content into his book?
>
> I'm not sure having a single Tapestry bible-like book would be a good idea. It would need to cost more, and people don't usually buy expensive books. The ones who already bought Igor's book would probably not want to pay even more to buy a book that a large part of it they already have. And people who already know Tapestry would have to pay for an expensive, long book just for part of it.
>
>> There would be a lot of marketing synergy there at least.
>
> That I agree, but I don't think it makes business sense, as I described above.
>
> --
> Thiago H. de Paula Figueiredo
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Proposal for a new book: Mastering Apache Tapestry
Posted by Thiago H de Paula Figueiredo <th...@gmail.com>.
On Wed, 07 Aug 2013 01:34:30 -0300, Lenny Primak <lp...@hope.nyc.ny.us>
wrote:
> I was going to write a message, but most of what I wanted to say was
> already said.
> I am not sure that there is enough of an audience for two books.
Even if the two books cover have different content and focuses? Igor's
book level is beginner to mid-level, mine would be mid-level to advanced,
mostly advanced.
> Perhaps you can cooperate with Igor to get your content into his book?
I'm not sure having a single Tapestry bible-like book would be a good
idea. It would need to cost more, and people don't usually buy expensive
books. The ones who already bought Igor's book would probably not want to
pay even more to buy a book that a large part of it they already have. And
people who already know Tapestry would have to pay for an expensive, long
book just for part of it.
> There would be a lot of marketing synergy there at least.
That I agree, but I don't think it makes business sense, as I described
above.
--
Thiago H. de Paula Figueiredo
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Proposal for a new book: Mastering Apache Tapestry
Posted by Lenny Primak <lp...@hope.nyc.ny.us>.
I was going to write a message, but most of what I wanted to say was already said.
I am not sure that there is enough of an audience for two books.
Perhaps you can cooperate with Igor to get your content into his book?
There would be a lot of marketing synergy there at least.
On Aug 5, 2013, at 4:13 PM, Thiago H de Paula Figueiredo wrote:
> Hi!
>
> I've said a handful of times in this mailing list that I'd love to write a book on Tapestry. With crowdsourcing sites like Kickstarter and Indiegogo, I can check whether there's demand enough for the book before writing. In addition, it seems I'll have the free time needed to start working seriously on it. (By the way, if you need Tapestry consulting or development, e-mail me!).
>
> Igor already wrote a very nice book about Tapestry, more targeted at people trying to learn the framework, so I won't replicate his effort. Instead, I'm thinking at complementing it. I'm thinking of the following question that may be asked by someone who finished Igor's book: now that I can write webapps in Tapestry, what else could I learn to have a deep, even internal knowledge of it, so I know what to look to implement more advanced, specific stuff that uses the framework flexibility to suit my needs?
>
> I've written a proposal of the table of contents at http://www.arsmachina.com.br/masteringApacheTapestry.html. Feel free to suggest anything about it.
>
> Some notes:
>
> * It may look wrong in the beggining, but the book starts with a deep look at Tapestry-IoC. Everything else in the book will need T-IoC. And, if you really want to dive deep into Tapestry-core, you'll need to know T-IoC very well.
>
> * There will be lots of code examples. Ideally, one for anything which could be better exemplified with code. They'll be freely downloadable, probably with their sources in GitHub.
>
> * I thought about a cookbook section, but I'm not sure what people would find interesting.
>
> * You may suggest by asking questions about Tapestry or how to implement something with it, even if it sounds preposterous.
>
> * At least for now, an A4-formatted (for better viewing of code examples), DRM-free PDF file will be only option available.
>
> * I haven't defined the price yet, but it'll be in the 20 to 30 dollars range, probably in the middle.
>
> * I'll just create the Indiegogo campaign if there's enough buzz in the mailing list. Kickstarter isn't an option because, as you may already know, I'm a Brazilian living in Brazil and Kickstarter only accepts campaigns from USA citizens.
>
> What do you guys think? All feedback is welcome. :)
>
> Cheers!
>
> --
> Thiago H. de Paula Figueiredo
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Securing page with Tapestry
Posted by "D.R." <d....@googlemail.com>.
Hi,
Of course it is null, if you don't provide it as a t5 service or pass it
wrong to your RequiresLoginFilter.
How does your code look after your changes?
Provide full stack trace after your changes pls.
This is also weird imho:
@SuppressWarnings("unchecked")
public static void
contributeComponentRequestHandler(OrderedConfiguration configuration) {
configuration.addInstance("RequiresLogin",
RequiresLoginFilter.class);
}
Correct me if i am wrong, but don't you have to provide the
RequiresLoginFilter as a t5 service?
Passing the request to the constructor is ok, but anyway this is not the
current issue.
whoops, the request is null in your t5 page class? I can not believe that.
With kind regards
David
Am 07.08.2013 18:11, schrieb Will N.:
>
> I have changed that but the exception remains... seems like the the
> request the AuthenticatorImpl.java is null;
>
> public boolean isLoggedIn() {
>
> org.apache.tapestry5.services.Session session =
> request.getSession(true); // request is null
> if (session != null) { return session.getAttribute(AUTH_TOKEN)
> != null; }
> return false;
>
> }
>
> Am i Suppose to pass the request to the constructor or to add anything
> else in the AppModule?
>
> Am 07.08.2013 17:18, schrieb D.R.:
>> Hi,
>>
>> where is the registration of AuthenticatorImp implements
>> AuthenticatorInterface? I can not see it in your binder.bind
>>
>> Your constructor looks weird:
>> public void PageAccessFilter in class RequiresLoginFilter ???
>>
>> You should pass the interface there, not the impl.
>>
>>
>> Kind regards
>> David
>>
>> Am 07.08.2013 16:12, schrieb Willy Browne:
>>> thanks for the help. I removed my Interface and now i get a
>>> NullPointerException
>>> *
>>> RequiresLoginFilter.dispatchedToLoginPage(RequiresLoginFilter.java:66)
>>> *
>>> services.RequiresLoginFilter.handlePageRender(RequiresLoginFilter.java:57)
>>> *
>>> org.apache.tapestry5.services.InitializeActivePageName.handlePageRender(InitializeActivePageName.java:47)
>>> *
>>> org.apache.tapestry5.internal.services.RootPathDispatcher.dispatch(RootPathDispatcher.java:66)
>>> *
>>> org.apache.tapestry5.services.TapestryModule$RequestHandlerTerminator.service(TapestryModule.java:302)
>>> * .services.PmsModule$1.service(PmsModule.java:115)
>>> *
>>> org.apache.tapestry5.internal.services.RequestErrorFilter.service(RequestErrorFilter.java:26)
>>> *
>>> org.apache.tapestry5.services.TapestryModule$3.service(TapestryModule.java:902)
>>> *
>>> org.apache.tapestry5.services.TapestryModule$2.service(TapestryModule.java:892)
>>> *
>>> org.apache.tapestry5.internal.services.StaticFilesFilter.service(StaticFilesFilter.java:90)
>>> *
>>> org.apache.tapestry5.internal.services.CheckForUpdatesFilter$2.invoke(CheckForUpdatesFilter.java:105)
>>> *
>>> org.apache.tapestry5.internal.services.CheckForUpdatesFilter$2.invoke(CheckForUpdatesFilter.java:95)
>>> *
>>> org.apache.tapestry5.ioc.internal.util.ConcurrentBarrier.withRead(ConcurrentBarrier.java:85)
>>> *
>>> org.apache.tapestry5.internal.services.CheckForUpdatesFilter.service(CheckForUpdatesFilter.java:119)
>>> *
>>> org.apache.tapestry5.services.TapestryModule$HttpServletRequestHandlerTerminator.service(TapestryModule.java:253)
>>> *
>>> org.apache.tapestry5.internal.gzip.GZipFilter.service(GZipFilter.java:53)
>>> *
>>> org.apache.tapestry5.internal.services.IgnoredPathsFilter.service(IgnoredPathsFilter.java:62)
>>> *
>>> org.apache.tapestry5.services.TapestryModule$1.service(TapestryModule.java:852)
>>> *
>>> org.apache.tapestry5.TapestryFilter.doFilter(TapestryFilter.java:171)
>>>
>>> public class RequiresLoginFilter implements ComponentRequestFilter {
>>> private PageRenderLinkSource renderLinkSource;
>>>
>>> private ComponentSource componentSource;
>>> private Response response;
>>>
>>> private AuthenticatorImp authService;
>>>
>>> public void PageAccessFilter(PageRenderLinkSource renderLinkSource,
>>> ComponentSource componentSource, Response response,
>>> AuthenticatorImp authService) {
>>>
>>> this.renderLinkSource = renderLinkSource;
>>> this.componentSource = componentSource;
>>> this.response = response;
>>> this.authService = authService;
>>>
>>> }
>>>
>>> public void handleComponentEvent(
>>> ComponentEventRequestParameters parameters,
>>> ComponentRequestHandler handler) throws IOException {
>>>
>>> if (dispatchedToLoginPage(parameters.getActivePageName())) {
>>> return;
>>> }
>>>
>>> handler.handleComponentEvent(parameters);
>>>
>>> }
>>>
>>> public void handlePageRender(PageRenderRequestParameters parameters,
>>> ComponentRequestHandler handler) throws IOException {
>>> if (dispatchedToLoginPage(parameters.getLogicalPageName())) {
>>> return;
>>> }
>>>
>>> handler.handlePageRender(parameters);
>>> }
>>>
>>> private boolean dispatchedToLoginPage(String pageName) throws
>>> IOException {
>>> if (authService.isLoggedIn()) { // line 66
>>> return false;
>>> }
>>>
>>> Component page = componentSource.getPage(pageName);
>>>
>>> if (!page.getClass().isAnnotationPresent(RequiresLogin.class)) {
>>> return false;
>>> }
>>>
>>> Link link = renderLinkSource.createPageRenderLink("Login");
>>>
>>> response.sendRedirect(link);
>>>
>>> return true;
>>> }
>>> }
>>>
>>>
>>> public class RequiresLoginFilter implements ComponentRequestFilter {
>>> private PageRenderLinkSource renderLinkSource;
>>>
>>> private ComponentSource componentSource;
>>> private Response response;
>>>
>>> private AuthenticatorImp authService;
>>>
>>> public void PageAccessFilter(PageRenderLinkSource renderLinkSource,
>>> ComponentSource componentSource, Response response,
>>> AuthenticatorImp authService) {
>>>
>>> this.renderLinkSource = renderLinkSource;
>>> this.componentSource = componentSource;
>>> this.response = response;
>>> this.authService = authService;
>>>
>>> }
>>>
>>> public void handleComponentEvent(
>>> ComponentEventRequestParameters parameters,
>>> ComponentRequestHandler handler) throws IOException {
>>>
>>> if (dispatchedToLoginPage(parameters.getActivePageName())) {
>>> return;
>>> }
>>>
>>> handler.handleComponentEvent(parameters);
>>>
>>> }
>>>
>>> public void handlePageRender(PageRenderRequestParameters parameters,
>>> ComponentRequestHandler handler) throws IOException {
>>> if (dispatchedToLoginPage(parameters.getLogicalPageName())) {
>>> return;
>>> }
>>>
>>> handler.handlePageRender(parameters);
>>> }
>>>
>>> private boolean dispatchedToLoginPage(String pageName) throws
>>> IOException { // line 57
>>> if (authService.isLoggedIn()) {
>>> return false;
>>> }
>>>
>>> Component page = componentSource.getPage(pageName);
>>>
>>> if (!page.getClass().isAnnotationPresent(RequiresLogin.class)) {
>>> return false;
>>> }
>>>
>>> Link link = renderLinkSource.createPageRenderLink("Login");
>>>
>>> response.sendRedirect(link);
>>>
>>> return true;
>>> }
>>> }
>>>
>>>
>>>
>>> public class AuthenticatorImp implements AuthenticatorInterface{
>>>
>>> public static final String AUTH_TOKEN = "authToken";
>>> /**
>>> *
>>> */
>>> public AuthenticatorImp() {
>>> super();
>>> // TODO Auto-generated constructor stub
>>> }
>>>
>>> /**
>>> * @param request
>>> */
>>> public AuthenticatorImp(Request request) {
>>> super();
>>> this.request = request;
>>> }
>>>
>>>
>>>
>>>
>>> @Inject
>>> private Request request;
>>> public Mitarbeiter getLoggedUser() {
>>> Mitarbeiter user = null;
>>>
>>> if (isLoggedIn())
>>> user = (Mitarbeiter)
>>> request.getSession(true).getAttribute(AUTH_TOKEN);
>>> else
>>> throw new IllegalStateException("The user is not logged
>>> ! ");
>>> return user;
>>> }
>>>
>>> public boolean isLoggedIn() {
>>> org.apache.tapestry5.services.Session session =
>>> request.getSession(true);
>>> if (session != null) { return
>>> session.getAttribute(AUTH_TOKEN) != null; }
>>> return false;
>>>
>>> }
>>>
>>> @SuppressWarnings("unchecked")
>>> public void login(String nickName, String password,
>>> org.hibernate.Session session)
>>> throws NoSuchAlgorithmException, UnsupportedEncodingException {
>>> MitarbeiterDaoImpl mitarbeiterDao = new MitarbeiterDaoImpl(
>>> Mitarbeiter.class, session);
>>> Mitarbeiter authUser = mitarbeiterDao.authenticate(nickName,
>>> Encrypt.MD5(password));
>>>
>>> try{
>>> request.getSession(true).setAttribute(AUTH_TOKEN, authUser);
>>> }
>>> catch(NullPointerException e){
>>> System.out.println("Beim Einlogen ist ein fehler aufgetreten");
>>> }
>>> }
>>>
>>> public void logout() {
>>> org.apache.tapestry5.services.Session session =
>>> request.getSession(false);
>>> if (session != null)
>>> {
>>> session.setAttribute(AUTH_TOKEN, null);
>>> session.invalidate();
>>> }
>>> }
>>>
>>>
>>> }
>>>
>>> ________________________________
>>> De : Taha Hafeez Siddiqi <ta...@gmail.com>
>>> À : Tapestry users <us...@tapestry.apache.org>
>>> Envoyé le : Mardi 6 août 2013 14h41
>>> Objet : Re: Securing page with Tapestry
>>>
>>> Are you defining your own ComponentRequestFilter interface? As you
>>> have included the code for that I am assuming you have.
>>>
>>> You have to implement Tapestry's ComponentRequestFilter, not your
>>> own as you can't contribute to the RequestHandler any other
>>> implementation.
>>>
>>> regards
>>> Taha
>>>
>>> On 06-Aug-2013, at 5:53 PM, Will N. <ll...@yahoo.fr> wrote:
>>>
>>>> Am 06.08.2013 14:13, schrieb Thiago H de Paula Figueiredo:
>>>>> I'm sorry, I should have asked for your ComponentRequestFilter
>>>>> implementation source too. ;)
>>>>>
>>>>> On Tue, 06 Aug 2013 08:31:15 -0300, Will N.
>>>>> <ll...@yahoo.fr> wrote:
>>>>>
>>>>>> Am 06.08.2013 13:25, schrieb Thiago H de Paula Figueiredo:
>>>>>>> On Tue, 06 Aug 2013 05:10:37 -0300, Will N.
>>>>>>> <ll...@yahoo.fr> wrote:
>>>>>>>
>>>>>>>> Hi,
>>>>>>> Hi!
>>>>>>>
>>>>>>>> I am trying secure some pages of my application as shown in
>>>>>>>> this tutorial.
>>>>>>>> http://tapestryjava.blogspot.co.uk/search/label/security
>>>>>>>> But I am having following error message when I start the
>>>>>>>> application.
>>>>>>>> Since the RequiresLoginFilte class implements the
>>>>>>>> ComponentRequestFilter interface, I am confused about the
>>>>>>>> coertion error!
>>>>>>> The error is weird. Could you post your
>>>>>>> PmsModule.contributeComponentRequestHandler() method
>>>>>> /**
>>>>>> * This module is automatically included as part of the
>>>>>> Tapestry IoC Registry,
>>>>>> * it's a good place to configure and extend Tapestry, or to
>>>>>> place your own
>>>>>> * service definitions. spring
>>>>>> */
>>>>>> public class PmsModule {
>>>>>> // public static void bind(ServiceBinder binder) {
>>>>>> // // binder.bind(MyServiceInterface.class,
>>>>>> MyServiceImpl.class);
>>>>>> //
>>>>>> // // Make bind() calls on the binder object to define
>>>>>> most IoC services.
>>>>>> // // Use service builder methods (example below) when the
>>>>>> implementation
>>>>>> // // is provided inline, or requires more initialization
>>>>>> than simply
>>>>>> // // invoking the constructor.
>>>>>> // binder.bind(ArbeitspaketDao.class,
>>>>>> ArbeitspaketDaoImpl.class);
>>>>>> // binder.bind(AufgabeDao.class, AufgabeDaoImpl.class);
>>>>>> // binder.bind(BasicDao.class, BasicDaoImpl.class);
>>>>>> // binder.bind(FunktionDao.class, FunktionDaoImpl.class);
>>>>>> //// binder.bind(GrantedAuthorityBeanDao.class,
>>>>>> //// GrantedAuthorityBeanDaoImpl.class);
>>>>>> // binder.bind(MitarbeiterDao.class,
>>>>>> MitarbeiterDaoImpl.class);
>>>>>> // binder.bind(MitarbeiterProjektDao.class,
>>>>>> // MitarbeiterProjektDaoImpl.class);
>>>>>> // binder.bind(ModulDao.class, ModulDaoImpl.class);
>>>>>> // binder.bind(PersonMonatDao.class,
>>>>>> PersonMonatDaoImpl.class);
>>>>>> // binder.bind(UserDataDao.class, UserDataDaoImpl.class);
>>>>>> // binder.bind(ProjektDao.class, ProjektDaoImpl.class);
>>>>>> // binder.bind(UnteraufgabeDao.class,
>>>>>> UnteraufgabeDaoImpl.class);
>>>>>> // binder.bind(UnterunteraufgabeDao.class,
>>>>>> UnterunteraufgabeDaoImpl.class);
>>>>>> //
>>>>>> // }
>>>>>>
>>>>>> public static void contributeFactoryDefaults(
>>>>>> MappedConfiguration<String, Object> configuration) {
>>>>>> // The application version number is incorprated into
>>>>>> URLs for some
>>>>>> // assets. Web browsers will cache assets because of
>>>>>> the far future
>>>>>> // expires
>>>>>> // header. If existing assets are changed, the version
>>>>>> number should
>>>>>> // also
>>>>>> // change, to force the browser to download new
>>>>>> versions. This overrides
>>>>>> // Tapesty's default
>>>>>> // (a random hexadecimal number), but may be further
>>>>>> overriden by
>>>>>> // DevelopmentModule or
>>>>>> // QaModule.
>>>>>> configuration.override(SymbolConstants.APPLICATION_VERSION,
>>>>>> "1.0-SNAPSHOT");
>>>>>> }
>>>>>>
>>>>>> public static void contributeApplicationDefaults(
>>>>>> MappedConfiguration<String, Object> configuration) {
>>>>>> // Contributions to ApplicationDefaults will override
>>>>>> any contributions
>>>>>> // to
>>>>>> // FactoryDefaults (with the same key). Here we're
>>>>>> restricting the
>>>>>> // supported
>>>>>> // locales to just "en" (English). As you add localised
>>>>>> message catalogs
>>>>>> // and other assets,
>>>>>> // you can extend this list of locales (it's a comma
>>>>>> separated series of
>>>>>> // locale names;
>>>>>> // the first locale name is the default when there's no
>>>>>> reasonable
>>>>>> // match).
>>>>>> // configuration.add(SymbolConstants.SUPPORTED_LOCALES,
>>>>>> "en");
>>>>>> configuration.add(SymbolConstants.SUPPORTED_LOCALES,
>>>>>> "de");
>>>>>> configuration.add(SymbolConstants.COMPRESS_WHITESPACE,
>>>>>> "true");
>>>>>>
>>>>>> }
>>>>>>
>>>>>> /**
>>>>>> * This is a service definition, the service will be named
>>>>>> "TimingFilter".
>>>>>> * The interface, RequestFilter, is used within the
>>>>>> RequestHandler service
>>>>>> * pipeline, which is built from the RequestHandler service
>>>>>> configuration.
>>>>>> * Tapestry IoC is responsible for passing in an
>>>>>> appropriate Logger
>>>>>> * instance. Requests for static resources are handled at a
>>>>>> higher level, so
>>>>>> * this filter will only be invoked for Tapestry related
>>>>>> requests.
>>>>>> * <p/>
>>>>>> * <p/>
>>>>>> * Service builder methods are useful when the
>>>>>> implementation is inline as
>>>>>> * an inner class (as here) or require some other kind of
>>>>>> special
>>>>>> * initialization. In most cases, use the static bind()
>>>>>> method instead.
>>>>>> * <p/>
>>>>>> * <p/>
>>>>>> * If this method was named "build", then the service id
>>>>>> would be taken from
>>>>>> * the service interface and would be "RequestFilter".
>>>>>> Since Tapestry
>>>>>> * already defines a service named "RequestFilter" we use
>>>>>> an explicit
>>>>>> * service id that we can reference inside the contribution
>>>>>> method.
>>>>>> */
>>>>>> public RequestFilter buildTimingFilter(final Logger log) {
>>>>>> return new RequestFilter() {
>>>>>> public boolean service(Request request, Response
>>>>>> response,
>>>>>> RequestHandler handler) throws IOException {
>>>>>> long startTime = System.currentTimeMillis();
>>>>>>
>>>>>> try {
>>>>>> // The responsibility of a filter is to
>>>>>> invoke the
>>>>>> // corresponding method
>>>>>> // in the handler. When you chain multiple
>>>>>> filters together,
>>>>>> // each filter
>>>>>> // received a handler that is a bridge to
>>>>>> the next filter.
>>>>>>
>>>>>> return handler.service(request, response);
>>>>>> } finally {
>>>>>> long elapsed = System.currentTimeMillis() -
>>>>>> startTime;
>>>>>>
>>>>>> log.info(String.format("Request time: %d
>>>>>> ms", elapsed));
>>>>>> }
>>>>>> }
>>>>>> };
>>>>>> }
>>>>>>
>>>>>> /**
>>>>>> * This is a contribution to the RequestHandler service
>>>>>> configuration. This
>>>>>> * is how we extend Tapestry using the timing filter. A
>>>>>> common use for this
>>>>>> * kind of filter is transaction management or security.
>>>>>> The @Local
>>>>>> * annotation selects the desired service by type, but only
>>>>>> from the same
>>>>>> * module. Without @Local, there would be an error due to
>>>>>> the other
>>>>>> * service(s) that implement RequestFilter (defined in
>>>>>> other modules).
>>>>>> */
>>>>>> public void
>>>>>> contributeRequestHandler(OrderedConfiguration<RequestFilter>
>>>>>> configuration, @Local RequestFilter filter) {
>>>>>> // Each contribution to an ordered configuration has a
>>>>>> name, When
>>>>>> // necessary, you may
>>>>>> // set constraints to precisely control the invocation
>>>>>> order of the
>>>>>> // contributed filter
>>>>>> // within the pipeline.
>>>>>>
>>>>>> configuration.add("Timing", filter);
>>>>>> }
>>>>>>
>>>>>>
>>>>>> @SuppressWarnings("unchecked")
>>>>>> public static void
>>>>>> contributeComponentRequestHandler(OrderedConfiguration
>>>>>> configuration) {
>>>>>> configuration.addInstance("RequiresLogin",
>>>>>> RequiresLoginFilter.class);
>>>>>>
>>>>>> }
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> }
>>>>>>
>>>>>> ---------------------------------------------------------------------
>>>>>>
>>>>>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>>>>>> For additional commands, e-mail: users-help@tapestry.apache.org
>>>>>>
>>>>
>>>> import java.io.IOException;
>>>>
>>>> import org.apache.tapestry5.services.ComponentEventRequestParameters;
>>>> import org.apache.tapestry5.services.ComponentRequestHandler;
>>>> import org.apache.tapestry5.services.PageRenderRequestParameters;
>>>>
>>>>
>>>> /**
>>>> * Filter interface for {@link
>>>> org.apache.tapestry5.services.ComponentRequestHandler}.
>>>> */
>>>> /**
>>>> * Our implementation of this filter will check the page referenced
>>>> in the request to see if it has the annotation.
>>>> * If the annotation is present and the user has not yet logged in,
>>>> we'll redirect to the Login page.
>>>> * When a redirect is not necessary, we delegate to the next handler
>>>> in the pipeline2:
>>>> */
>>>> public interface ComponentRequestFilter
>>>> {
>>>> /**
>>>> * Handler for a component action request which will trigger
>>>> an event on a component and use the return value to
>>>> * send a response to the client (typically, a redirect to a
>>>> page render URL).
>>>> *
>>>> * @param parameters defining the request
>>>> * @param handler next handler in the pipeline
>>>> */
>>>> void handleComponentEvent(ComponentEventRequestParameters
>>>> parameters, ComponentRequestHandler handler)
>>>> throws IOException;
>>>>
>>>> /**
>>>> * Invoked to activate and render a page. In certain cases,
>>>> based on values returned when activating the page, a
>>>> * {@link
>>>> org.apache.tapestry5.services.ComponentEventResultProcessor} may be
>>>> used to send an alternate response
>>>> * (typically, a redirect).
>>>> *
>>>> * @param parameters defines the page name and activation context
>>>> * @param handler next handler in the pipeline
>>>> */
>>>> void handlePageRender(PageRenderRequestParameters parameters,
>>>> ComponentRequestHandler handler) throws IOException;
>>>> }
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> import java.io.IOException;
>>>>
>>>> import org.apache.tapestry5.Link;
>>>> import org.apache.tapestry5.runtime.Component;
>>>> import org.apache.tapestry5.services.ComponentEventRequestParameters;
>>>> import org.apache.tapestry5.services.ComponentRequestHandler;
>>>> import org.apache.tapestry5.services.ComponentSource;
>>>> import org.apache.tapestry5.services.PageRenderLinkSource;
>>>> import org.apache.tapestry5.services.PageRenderRequestParameters;
>>>> import org.apache.tapestry5.services.Response;
>>>>
>>>>
>>>> import com.example.pms.annotations.*;
>>>>
>>>>
>>>> public class RequiresLoginFilter implements ComponentRequestFilter {
>>>>
>>>> private PageRenderLinkSource renderLinkSource;
>>>>
>>>> private ComponentSource componentSource;
>>>>
>>>> private Response response;
>>>>
>>>> // private final AuthenticationService authService;
>>>> private AuthenticatorImp authService;
>>>>
>>>>
>>>> public void PageAccessFilter(PageRenderLinkSource
>>>> renderLinkSource, ComponentSource componentSource,
>>>> Response response,
>>>> AuthenticatorImp authService) {
>>>>
>>>> this.renderLinkSource = renderLinkSource;
>>>> this.componentSource = componentSource;
>>>> this.response = response;
>>>> this.authService = authService;
>>>>
>>>> }
>>>>
>>>> public void handleComponentEvent(
>>>> ComponentEventRequestParameters parameters,
>>>> ComponentRequestHandler handler) throws IOException {
>>>>
>>>> if (dispatchedToLoginPage(parameters.getActivePageName())) {
>>>> return;
>>>> }
>>>>
>>>> handler.handleComponentEvent(parameters);
>>>>
>>>> }
>>>>
>>>> public void handlePageRender(PageRenderRequestParameters
>>>> parameters,
>>>> ComponentRequestHandler handler) throws IOException {
>>>>
>>>> if (dispatchedToLoginPage(parameters.getLogicalPageName())) {
>>>> return;
>>>> }
>>>>
>>>> handler.handlePageRender(parameters);
>>>> }
>>>>
>>>> private boolean dispatchedToLoginPage(String pageName) throws
>>>> IOException {
>>>>
>>>> if (authService.isLoggedIn()) {
>>>> return false;
>>>> }
>>>>
>>>> Component page = componentSource.getPage(pageName);
>>>>
>>>> if (! page.getClass().isAnnotationPresent(RequiresLogin.class)) {
>>>> return false;
>>>> }
>>>>
>>>> Link link = renderLinkSource.createPageRenderLink("Index");
>>>>
>>>> response.sendRedirect(link);
>>>>
>>>> return true;
>>>> }
>>>> }
>>>>
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>>>> For additional commands, e-mail: users-help@tapestry.apache.org
>>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>>> For additional commands, e-mail: users-help@tapestry.apache.org
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>> For additional commands, e-mail: users-help@tapestry.apache.org
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Securing page with Tapestry
Posted by "Will N." <ll...@yahoo.fr>.
I have changed that but the exception remains... seems like the the
request the AuthenticatorImpl.java is null;
public boolean isLoggedIn() {
org.apache.tapestry5.services.Session session =
request.getSession(true); // request is null
if (session != null) { return session.getAttribute(AUTH_TOKEN)
!= null; }
return false;
}
Am i Suppose to pass the request to the constructor or to add anything
else in the AppModule?
Am 07.08.2013 17:18, schrieb D.R.:
> Hi,
>
> where is the registration of AuthenticatorImp implements
> AuthenticatorInterface? I can not see it in your binder.bind
>
> Your constructor looks weird:
> public void PageAccessFilter in class RequiresLoginFilter ???
>
> You should pass the interface there, not the impl.
>
>
> Kind regards
> David
>
> Am 07.08.2013 16:12, schrieb Willy Browne:
>> thanks for the help. I removed my Interface and now i get a NullPointerException
>> * RequiresLoginFilter.dispatchedToLoginPage(RequiresLoginFilter.java:66)
>> * services.RequiresLoginFilter.handlePageRender(RequiresLoginFilter.java:57)
>> * org.apache.tapestry5.services.InitializeActivePageName.handlePageRender(InitializeActivePageName.java:47)
>> * org.apache.tapestry5.internal.services.RootPathDispatcher.dispatch(RootPathDispatcher.java:66)
>> * org.apache.tapestry5.services.TapestryModule$RequestHandlerTerminator.service(TapestryModule.java:302)
>> * .services.PmsModule$1.service(PmsModule.java:115)
>> * org.apache.tapestry5.internal.services.RequestErrorFilter.service(RequestErrorFilter.java:26)
>> * org.apache.tapestry5.services.TapestryModule$3.service(TapestryModule.java:902)
>> * org.apache.tapestry5.services.TapestryModule$2.service(TapestryModule.java:892)
>> * org.apache.tapestry5.internal.services.StaticFilesFilter.service(StaticFilesFilter.java:90)
>> * org.apache.tapestry5.internal.services.CheckForUpdatesFilter$2.invoke(CheckForUpdatesFilter.java:105)
>> * org.apache.tapestry5.internal.services.CheckForUpdatesFilter$2.invoke(CheckForUpdatesFilter.java:95)
>> * org.apache.tapestry5.ioc.internal.util.ConcurrentBarrier.withRead(ConcurrentBarrier.java:85)
>> * org.apache.tapestry5.internal.services.CheckForUpdatesFilter.service(CheckForUpdatesFilter.java:119)
>> * org.apache.tapestry5.services.TapestryModule$HttpServletRequestHandlerTerminator.service(TapestryModule.java:253)
>> * org.apache.tapestry5.internal.gzip.GZipFilter.service(GZipFilter.java:53)
>> * org.apache.tapestry5.internal.services.IgnoredPathsFilter.service(IgnoredPathsFilter.java:62)
>> * org.apache.tapestry5.services.TapestryModule$1.service(TapestryModule.java:852)
>> * org.apache.tapestry5.TapestryFilter.doFilter(TapestryFilter.java:171)
>>
>> public class RequiresLoginFilter implements ComponentRequestFilter {
>> private PageRenderLinkSource renderLinkSource;
>>
>> private ComponentSource componentSource;
>> private Response response;
>>
>> private AuthenticatorImp authService;
>>
>> public void PageAccessFilter(PageRenderLinkSource renderLinkSource,
>> ComponentSource componentSource, Response response,
>> AuthenticatorImp authService) {
>>
>> this.renderLinkSource = renderLinkSource;
>> this.componentSource = componentSource;
>> this.response = response;
>> this.authService = authService;
>>
>> }
>>
>> public void handleComponentEvent(
>> ComponentEventRequestParameters parameters,
>> ComponentRequestHandler handler) throws IOException {
>>
>> if (dispatchedToLoginPage(parameters.getActivePageName())) {
>> return;
>> }
>>
>> handler.handleComponentEvent(parameters);
>>
>> }
>>
>> public void handlePageRender(PageRenderRequestParameters parameters,
>> ComponentRequestHandler handler) throws IOException {
>> if (dispatchedToLoginPage(parameters.getLogicalPageName())) {
>> return;
>> }
>>
>> handler.handlePageRender(parameters);
>> }
>>
>> private boolean dispatchedToLoginPage(String pageName) throws IOException {
>> if (authService.isLoggedIn()) { // line 66
>> return false;
>> }
>>
>> Component page = componentSource.getPage(pageName);
>>
>> if (!page.getClass().isAnnotationPresent(RequiresLogin.class)) {
>> return false;
>> }
>>
>> Link link = renderLinkSource.createPageRenderLink("Login");
>>
>> response.sendRedirect(link);
>>
>> return true;
>> }
>> }
>>
>>
>> public class RequiresLoginFilter implements ComponentRequestFilter {
>> private PageRenderLinkSource renderLinkSource;
>>
>> private ComponentSource componentSource;
>> private Response response;
>>
>> private AuthenticatorImp authService;
>>
>> public void PageAccessFilter(PageRenderLinkSource renderLinkSource,
>> ComponentSource componentSource, Response response,
>> AuthenticatorImp authService) {
>>
>> this.renderLinkSource = renderLinkSource;
>> this.componentSource = componentSource;
>> this.response = response;
>> this.authService = authService;
>>
>> }
>>
>> public void handleComponentEvent(
>> ComponentEventRequestParameters parameters,
>> ComponentRequestHandler handler) throws IOException {
>>
>> if (dispatchedToLoginPage(parameters.getActivePageName())) {
>> return;
>> }
>>
>> handler.handleComponentEvent(parameters);
>>
>> }
>>
>> public void handlePageRender(PageRenderRequestParameters parameters,
>> ComponentRequestHandler handler) throws IOException {
>> if (dispatchedToLoginPage(parameters.getLogicalPageName())) {
>> return;
>> }
>>
>> handler.handlePageRender(parameters);
>> }
>>
>> private boolean dispatchedToLoginPage(String pageName) throws IOException { // line 57
>> if (authService.isLoggedIn()) {
>> return false;
>> }
>>
>> Component page = componentSource.getPage(pageName);
>>
>> if (!page.getClass().isAnnotationPresent(RequiresLogin.class)) {
>> return false;
>> }
>>
>> Link link = renderLinkSource.createPageRenderLink("Login");
>>
>> response.sendRedirect(link);
>>
>> return true;
>> }
>> }
>>
>>
>>
>> public class AuthenticatorImp implements AuthenticatorInterface{
>>
>> public static final String AUTH_TOKEN = "authToken";
>> /**
>> *
>> */
>> public AuthenticatorImp() {
>> super();
>> // TODO Auto-generated constructor stub
>> }
>>
>> /**
>> * @param request
>> */
>> public AuthenticatorImp(Request request) {
>> super();
>> this.request = request;
>> }
>>
>>
>>
>>
>> @Inject
>> private Request request;
>> public Mitarbeiter getLoggedUser() {
>>
>> Mitarbeiter user = null;
>>
>> if (isLoggedIn())
>> user = (Mitarbeiter) request.getSession(true).getAttribute(AUTH_TOKEN);
>>
>> else
>> throw new IllegalStateException("The user is not logged ! ");
>>
>> return user;
>> }
>>
>> public boolean isLoggedIn() {
>> org.apache.tapestry5.services.Session session = request.getSession(true);
>> if (session != null) { return session.getAttribute(AUTH_TOKEN) != null; }
>> return false;
>>
>> }
>>
>> @SuppressWarnings("unchecked")
>> public void login(String nickName, String password, org.hibernate.Session session)
>> throws NoSuchAlgorithmException, UnsupportedEncodingException {
>> MitarbeiterDaoImpl mitarbeiterDao = new MitarbeiterDaoImpl( Mitarbeiter.class, session);
>> Mitarbeiter authUser = mitarbeiterDao.authenticate(nickName, Encrypt.MD5(password));
>>
>> try{
>> request.getSession(true).setAttribute(AUTH_TOKEN, authUser);
>> }
>> catch(NullPointerException e){
>> System.out.println("Beim Einlogen ist ein fehler aufgetreten");
>> }
>>
>>
>> }
>>
>> public void logout() {
>> org.apache.tapestry5.services.Session session = request.getSession(false);
>> if (session != null)
>> {
>> session.setAttribute(AUTH_TOKEN, null);
>> session.invalidate();
>> }
>> }
>>
>>
>> }
>>
>> ________________________________
>> De : Taha Hafeez Siddiqi <ta...@gmail.com>
>> À : Tapestry users <us...@tapestry.apache.org>
>> Envoyé le : Mardi 6 août 2013 14h41
>> Objet : Re: Securing page with Tapestry
>>
>>
>> Are you defining your own ComponentRequestFilter interface? As you have included the code for that I am assuming you have.
>>
>> You have to implement Tapestry's ComponentRequestFilter, not your own as you can't contribute to the RequestHandler any other implementation.
>>
>> regards
>> Taha
>>
>> On 06-Aug-2013, at 5:53 PM, Will N. <ll...@yahoo.fr> wrote:
>>
>>> Am 06.08.2013 14:13, schrieb Thiago H de Paula Figueiredo:
>>>> I'm sorry, I should have asked for your ComponentRequestFilter implementation source too. ;)
>>>>
>>>> On Tue, 06 Aug 2013 08:31:15 -0300, Will N. <ll...@yahoo.fr> wrote:
>>>>
>>>>> Am 06.08.2013 13:25, schrieb Thiago H de Paula Figueiredo:
>>>>>> On Tue, 06 Aug 2013 05:10:37 -0300, Will N. <ll...@yahoo.fr> wrote:
>>>>>>
>>>>>>> Hi,
>>>>>> Hi!
>>>>>>
>>>>>>> I am trying secure some pages of my application as shown in this tutorial. http://tapestryjava.blogspot.co.uk/search/label/security
>>>>>>> But I am having following error message when I start the application.
>>>>>>> Since the RequiresLoginFilte class implements the ComponentRequestFilter interface, I am confused about the coertion error!
>>>>>> The error is weird. Could you post your PmsModule.contributeComponentRequestHandler() method
>>>>> /**
>>>>> * This module is automatically included as part of the Tapestry IoC Registry,
>>>>> * it's a good place to configure and extend Tapestry, or to place your own
>>>>> * service definitions. spring
>>>>> */
>>>>> public class PmsModule {
>>>>> // public static void bind(ServiceBinder binder) {
>>>>> // // binder.bind(MyServiceInterface.class, MyServiceImpl.class);
>>>>> //
>>>>> // // Make bind() calls on the binder object to define most IoC services.
>>>>> // // Use service builder methods (example below) when the implementation
>>>>> // // is provided inline, or requires more initialization than simply
>>>>> // // invoking the constructor.
>>>>> // binder.bind(ArbeitspaketDao.class, ArbeitspaketDaoImpl.class);
>>>>> // binder.bind(AufgabeDao.class, AufgabeDaoImpl.class);
>>>>> // binder.bind(BasicDao.class, BasicDaoImpl.class);
>>>>> // binder.bind(FunktionDao.class, FunktionDaoImpl.class);
>>>>> //// binder.bind(GrantedAuthorityBeanDao.class,
>>>>> //// GrantedAuthorityBeanDaoImpl.class);
>>>>> // binder.bind(MitarbeiterDao.class, MitarbeiterDaoImpl.class);
>>>>> // binder.bind(MitarbeiterProjektDao.class,
>>>>> // MitarbeiterProjektDaoImpl.class);
>>>>> // binder.bind(ModulDao.class, ModulDaoImpl.class);
>>>>> // binder.bind(PersonMonatDao.class, PersonMonatDaoImpl.class);
>>>>> // binder.bind(UserDataDao.class, UserDataDaoImpl.class);
>>>>> // binder.bind(ProjektDao.class, ProjektDaoImpl.class);
>>>>> // binder.bind(UnteraufgabeDao.class, UnteraufgabeDaoImpl.class);
>>>>> // binder.bind(UnterunteraufgabeDao.class, UnterunteraufgabeDaoImpl.class);
>>>>> //
>>>>> // }
>>>>>
>>>>> public static void contributeFactoryDefaults(
>>>>> MappedConfiguration<String, Object> configuration) {
>>>>> // The application version number is incorprated into URLs for some
>>>>> // assets. Web browsers will cache assets because of the far future
>>>>> // expires
>>>>> // header. If existing assets are changed, the version number should
>>>>> // also
>>>>> // change, to force the browser to download new versions. This overrides
>>>>> // Tapesty's default
>>>>> // (a random hexadecimal number), but may be further overriden by
>>>>> // DevelopmentModule or
>>>>> // QaModule.
>>>>> configuration.override(SymbolConstants.APPLICATION_VERSION,
>>>>> "1.0-SNAPSHOT");
>>>>> }
>>>>>
>>>>> public static void contributeApplicationDefaults(
>>>>> MappedConfiguration<String, Object> configuration) {
>>>>> // Contributions to ApplicationDefaults will override any contributions
>>>>> // to
>>>>> // FactoryDefaults (with the same key). Here we're restricting the
>>>>> // supported
>>>>> // locales to just "en" (English). As you add localised message catalogs
>>>>> // and other assets,
>>>>> // you can extend this list of locales (it's a comma separated series of
>>>>> // locale names;
>>>>> // the first locale name is the default when there's no reasonable
>>>>> // match).
>>>>> // configuration.add(SymbolConstants.SUPPORTED_LOCALES, "en");
>>>>> configuration.add(SymbolConstants.SUPPORTED_LOCALES, "de");
>>>>> configuration.add(SymbolConstants.COMPRESS_WHITESPACE, "true");
>>>>>
>>>>> }
>>>>>
>>>>> /**
>>>>> * This is a service definition, the service will be named "TimingFilter".
>>>>> * The interface, RequestFilter, is used within the RequestHandler service
>>>>> * pipeline, which is built from the RequestHandler service configuration.
>>>>> * Tapestry IoC is responsible for passing in an appropriate Logger
>>>>> * instance. Requests for static resources are handled at a higher level, so
>>>>> * this filter will only be invoked for Tapestry related requests.
>>>>> * <p/>
>>>>> * <p/>
>>>>> * Service builder methods are useful when the implementation is inline as
>>>>> * an inner class (as here) or require some other kind of special
>>>>> * initialization. In most cases, use the static bind() method instead.
>>>>> * <p/>
>>>>> * <p/>
>>>>> * If this method was named "build", then the service id would be taken from
>>>>> * the service interface and would be "RequestFilter". Since Tapestry
>>>>> * already defines a service named "RequestFilter" we use an explicit
>>>>> * service id that we can reference inside the contribution method.
>>>>> */
>>>>> public RequestFilter buildTimingFilter(final Logger log) {
>>>>> return new RequestFilter() {
>>>>> public boolean service(Request request, Response response,
>>>>> RequestHandler handler) throws IOException {
>>>>> long startTime = System.currentTimeMillis();
>>>>>
>>>>> try {
>>>>> // The responsibility of a filter is to invoke the
>>>>> // corresponding method
>>>>> // in the handler. When you chain multiple filters together,
>>>>> // each filter
>>>>> // received a handler that is a bridge to the next filter.
>>>>>
>>>>> return handler.service(request, response);
>>>>> } finally {
>>>>> long elapsed = System.currentTimeMillis() - startTime;
>>>>>
>>>>> log.info(String.format("Request time: %d ms", elapsed));
>>>>> }
>>>>> }
>>>>> };
>>>>> }
>>>>>
>>>>> /**
>>>>> * This is a contribution to the RequestHandler service configuration. This
>>>>> * is how we extend Tapestry using the timing filter. A common use for this
>>>>> * kind of filter is transaction management or security. The @Local
>>>>> * annotation selects the desired service by type, but only from the same
>>>>> * module. Without @Local, there would be an error due to the other
>>>>> * service(s) that implement RequestFilter (defined in other modules).
>>>>> */
>>>>> public void contributeRequestHandler(OrderedConfiguration<RequestFilter> configuration, @Local RequestFilter filter) {
>>>>> // Each contribution to an ordered configuration has a name, When
>>>>> // necessary, you may
>>>>> // set constraints to precisely control the invocation order of the
>>>>> // contributed filter
>>>>> // within the pipeline.
>>>>>
>>>>> configuration.add("Timing", filter);
>>>>> }
>>>>>
>>>>>
>>>>> @SuppressWarnings("unchecked")
>>>>> public static void contributeComponentRequestHandler(OrderedConfiguration configuration) {
>>>>> configuration.addInstance("RequiresLogin", RequiresLoginFilter.class);
>>>>>
>>>>> }
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> }
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>>>>> For additional commands, e-mail: users-help@tapestry.apache.org
>>>>>
>>>
>>> import java.io.IOException;
>>>
>>> import org.apache.tapestry5.services.ComponentEventRequestParameters;
>>> import org.apache.tapestry5.services.ComponentRequestHandler;
>>> import org.apache.tapestry5.services.PageRenderRequestParameters;
>>>
>>>
>>> /**
>>> * Filter interface for {@link org.apache.tapestry5.services.ComponentRequestHandler}.
>>> */
>>> /**
>>> * Our implementation of this filter will check the page referenced in the request to see if it has the annotation.
>>> * If the annotation is present and the user has not yet logged in, we'll redirect to the Login page.
>>> * When a redirect is not necessary, we delegate to the next handler in the pipeline2:
>>> */
>>> public interface ComponentRequestFilter
>>> {
>>> /**
>>> * Handler for a component action request which will trigger an event on a component and use the return value to
>>> * send a response to the client (typically, a redirect to a page render URL).
>>> *
>>> * @param parameters defining the request
>>> * @param handler next handler in the pipeline
>>> */
>>> void handleComponentEvent(ComponentEventRequestParameters parameters, ComponentRequestHandler handler)
>>> throws IOException;
>>>
>>> /**
>>> * Invoked to activate and render a page. In certain cases, based on values returned when activating the page, a
>>> * {@link org.apache.tapestry5.services.ComponentEventResultProcessor} may be used to send an alternate response
>>> * (typically, a redirect).
>>> *
>>> * @param parameters defines the page name and activation context
>>> * @param handler next handler in the pipeline
>>> */
>>> void handlePageRender(PageRenderRequestParameters parameters, ComponentRequestHandler handler) throws IOException;
>>> }
>>>
>>>
>>>
>>>
>>>
>>>
>>> import java.io.IOException;
>>>
>>> import org.apache.tapestry5.Link;
>>> import org.apache.tapestry5.runtime.Component;
>>> import org.apache.tapestry5.services.ComponentEventRequestParameters;
>>> import org.apache.tapestry5.services.ComponentRequestHandler;
>>> import org.apache.tapestry5.services.ComponentSource;
>>> import org.apache.tapestry5.services.PageRenderLinkSource;
>>> import org.apache.tapestry5.services.PageRenderRequestParameters;
>>> import org.apache.tapestry5.services.Response;
>>>
>>>
>>> import com.example.pms.annotations.*;
>>>
>>>
>>> public class RequiresLoginFilter implements ComponentRequestFilter {
>>>
>>> private PageRenderLinkSource renderLinkSource;
>>>
>>> private ComponentSource componentSource;
>>>
>>> private Response response;
>>>
>>> // private final AuthenticationService authService;
>>> private AuthenticatorImp authService;
>>>
>>>
>>> public void PageAccessFilter(PageRenderLinkSource renderLinkSource, ComponentSource componentSource,
>>> Response response, AuthenticatorImp authService) {
>>>
>>> this.renderLinkSource = renderLinkSource;
>>> this.componentSource = componentSource;
>>> this.response = response;
>>> this.authService = authService;
>>>
>>> }
>>>
>>> public void handleComponentEvent(
>>> ComponentEventRequestParameters parameters,
>>> ComponentRequestHandler handler) throws IOException {
>>>
>>> if (dispatchedToLoginPage(parameters.getActivePageName())) {
>>> return;
>>> }
>>>
>>> handler.handleComponentEvent(parameters);
>>>
>>> }
>>>
>>> public void handlePageRender(PageRenderRequestParameters parameters,
>>> ComponentRequestHandler handler) throws IOException {
>>>
>>> if (dispatchedToLoginPage(parameters.getLogicalPageName())) {
>>> return;
>>> }
>>>
>>> handler.handlePageRender(parameters);
>>> }
>>>
>>> private boolean dispatchedToLoginPage(String pageName) throws IOException {
>>>
>>> if (authService.isLoggedIn()) {
>>> return false;
>>> }
>>>
>>> Component page = componentSource.getPage(pageName);
>>>
>>> if (! page.getClass().isAnnotationPresent(RequiresLogin.class)) {
>>> return false;
>>> }
>>>
>>> Link link = renderLinkSource.createPageRenderLink("Index");
>>>
>>> response.sendRedirect(link);
>>>
>>> return true;
>>> }
>>> }
>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>>> For additional commands, e-mail: users-help@tapestry.apache.org
>>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>> For additional commands, e-mail: users-help@tapestry.apache.org
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Securing page with Tapestry
Posted by "D.R." <d....@googlemail.com>.
Hi,
where is the registration of AuthenticatorImp implements
AuthenticatorInterface? I can not see it in your binder.bind
Your constructor looks weird:
public void PageAccessFilter in class RequiresLoginFilter ???
You should pass the interface there, not the impl.
Kind regards
David
Am 07.08.2013 16:12, schrieb Willy Browne:
> thanks for the help. I removed my Interface and now i get a NullPointerException
> * RequiresLoginFilter.dispatchedToLoginPage(RequiresLoginFilter.java:66)
> * services.RequiresLoginFilter.handlePageRender(RequiresLoginFilter.java:57)
> * org.apache.tapestry5.services.InitializeActivePageName.handlePageRender(InitializeActivePageName.java:47)
> * org.apache.tapestry5.internal.services.RootPathDispatcher.dispatch(RootPathDispatcher.java:66)
> * org.apache.tapestry5.services.TapestryModule$RequestHandlerTerminator.service(TapestryModule.java:302)
> * .services.PmsModule$1.service(PmsModule.java:115)
> * org.apache.tapestry5.internal.services.RequestErrorFilter.service(RequestErrorFilter.java:26)
> * org.apache.tapestry5.services.TapestryModule$3.service(TapestryModule.java:902)
> * org.apache.tapestry5.services.TapestryModule$2.service(TapestryModule.java:892)
> * org.apache.tapestry5.internal.services.StaticFilesFilter.service(StaticFilesFilter.java:90)
> * org.apache.tapestry5.internal.services.CheckForUpdatesFilter$2.invoke(CheckForUpdatesFilter.java:105)
> * org.apache.tapestry5.internal.services.CheckForUpdatesFilter$2.invoke(CheckForUpdatesFilter.java:95)
> * org.apache.tapestry5.ioc.internal.util.ConcurrentBarrier.withRead(ConcurrentBarrier.java:85)
> * org.apache.tapestry5.internal.services.CheckForUpdatesFilter.service(CheckForUpdatesFilter.java:119)
> * org.apache.tapestry5.services.TapestryModule$HttpServletRequestHandlerTerminator.service(TapestryModule.java:253)
> * org.apache.tapestry5.internal.gzip.GZipFilter.service(GZipFilter.java:53)
> * org.apache.tapestry5.internal.services.IgnoredPathsFilter.service(IgnoredPathsFilter.java:62)
> * org.apache.tapestry5.services.TapestryModule$1.service(TapestryModule.java:852)
> * org.apache.tapestry5.TapestryFilter.doFilter(TapestryFilter.java:171)
>
> public class RequiresLoginFilter implements ComponentRequestFilter {
> private PageRenderLinkSource renderLinkSource;
>
> private ComponentSource componentSource;
> private Response response;
>
> private AuthenticatorImp authService;
>
> public void PageAccessFilter(PageRenderLinkSource renderLinkSource,
> ComponentSource componentSource, Response response,
> AuthenticatorImp authService) {
>
> this.renderLinkSource = renderLinkSource;
> this.componentSource = componentSource;
> this.response = response;
> this.authService = authService;
>
> }
>
> public void handleComponentEvent(
> ComponentEventRequestParameters parameters,
> ComponentRequestHandler handler) throws IOException {
>
> if (dispatchedToLoginPage(parameters.getActivePageName())) {
> return;
> }
>
> handler.handleComponentEvent(parameters);
>
> }
>
> public void handlePageRender(PageRenderRequestParameters parameters,
> ComponentRequestHandler handler) throws IOException {
> if (dispatchedToLoginPage(parameters.getLogicalPageName())) {
> return;
> }
>
> handler.handlePageRender(parameters);
> }
>
> private boolean dispatchedToLoginPage(String pageName) throws IOException {
> if (authService.isLoggedIn()) { // line 66
> return false;
> }
>
> Component page = componentSource.getPage(pageName);
>
> if (!page.getClass().isAnnotationPresent(RequiresLogin.class)) {
> return false;
> }
>
> Link link = renderLinkSource.createPageRenderLink("Login");
>
> response.sendRedirect(link);
>
> return true;
> }
> }
>
>
> public class RequiresLoginFilter implements ComponentRequestFilter {
> private PageRenderLinkSource renderLinkSource;
>
> private ComponentSource componentSource;
> private Response response;
>
> private AuthenticatorImp authService;
>
> public void PageAccessFilter(PageRenderLinkSource renderLinkSource,
> ComponentSource componentSource, Response response,
> AuthenticatorImp authService) {
>
> this.renderLinkSource = renderLinkSource;
> this.componentSource = componentSource;
> this.response = response;
> this.authService = authService;
>
> }
>
> public void handleComponentEvent(
> ComponentEventRequestParameters parameters,
> ComponentRequestHandler handler) throws IOException {
>
> if (dispatchedToLoginPage(parameters.getActivePageName())) {
> return;
> }
>
> handler.handleComponentEvent(parameters);
>
> }
>
> public void handlePageRender(PageRenderRequestParameters parameters,
> ComponentRequestHandler handler) throws IOException {
> if (dispatchedToLoginPage(parameters.getLogicalPageName())) {
> return;
> }
>
> handler.handlePageRender(parameters);
> }
>
> private boolean dispatchedToLoginPage(String pageName) throws IOException { // line 57
> if (authService.isLoggedIn()) {
> return false;
> }
>
> Component page = componentSource.getPage(pageName);
>
> if (!page.getClass().isAnnotationPresent(RequiresLogin.class)) {
> return false;
> }
>
> Link link = renderLinkSource.createPageRenderLink("Login");
>
> response.sendRedirect(link);
>
> return true;
> }
> }
>
>
>
> public class AuthenticatorImp implements AuthenticatorInterface{
>
> public static final String AUTH_TOKEN = "authToken";
> /**
> *
> */
> public AuthenticatorImp() {
> super();
> // TODO Auto-generated constructor stub
> }
>
> /**
> * @param request
> */
> public AuthenticatorImp(Request request) {
> super();
> this.request = request;
> }
>
>
>
>
> @Inject
> private Request request;
> public Mitarbeiter getLoggedUser() {
>
> Mitarbeiter user = null;
>
> if (isLoggedIn())
> user = (Mitarbeiter) request.getSession(true).getAttribute(AUTH_TOKEN);
>
> else
> throw new IllegalStateException("The user is not logged ! ");
>
> return user;
> }
>
> public boolean isLoggedIn() {
> org.apache.tapestry5.services.Session session = request.getSession(true);
> if (session != null) { return session.getAttribute(AUTH_TOKEN) != null; }
> return false;
>
> }
>
> @SuppressWarnings("unchecked")
> public void login(String nickName, String password, org.hibernate.Session session)
> throws NoSuchAlgorithmException, UnsupportedEncodingException {
> MitarbeiterDaoImpl mitarbeiterDao = new MitarbeiterDaoImpl( Mitarbeiter.class, session);
> Mitarbeiter authUser = mitarbeiterDao.authenticate(nickName, Encrypt.MD5(password));
>
> try{
> request.getSession(true).setAttribute(AUTH_TOKEN, authUser);
> }
> catch(NullPointerException e){
> System.out.println("Beim Einlogen ist ein fehler aufgetreten");
> }
>
>
> }
>
> public void logout() {
> org.apache.tapestry5.services.Session session = request.getSession(false);
> if (session != null)
> {
> session.setAttribute(AUTH_TOKEN, null);
> session.invalidate();
> }
> }
>
>
> }
>
> ________________________________
> De : Taha Hafeez Siddiqi <ta...@gmail.com>
> À : Tapestry users <us...@tapestry.apache.org>
> Envoyé le : Mardi 6 août 2013 14h41
> Objet : Re: Securing page with Tapestry
>
>
> Are you defining your own ComponentRequestFilter interface? As you have included the code for that I am assuming you have.
>
> You have to implement Tapestry's ComponentRequestFilter, not your own as you can't contribute to the RequestHandler any other implementation.
>
> regards
> Taha
>
> On 06-Aug-2013, at 5:53 PM, Will N. <ll...@yahoo.fr> wrote:
>
>> Am 06.08.2013 14:13, schrieb Thiago H de Paula Figueiredo:
>>> I'm sorry, I should have asked for your ComponentRequestFilter implementation source too. ;)
>>>
>>> On Tue, 06 Aug 2013 08:31:15 -0300, Will N. <ll...@yahoo.fr> wrote:
>>>
>>>> Am 06.08.2013 13:25, schrieb Thiago H de Paula Figueiredo:
>>>>> On Tue, 06 Aug 2013 05:10:37 -0300, Will N. <ll...@yahoo.fr> wrote:
>>>>>
>>>>>> Hi,
>>>>> Hi!
>>>>>
>>>>>> I am trying secure some pages of my application as shown in this tutorial. http://tapestryjava.blogspot.co.uk/search/label/security
>>>>>> But I am having following error message when I start the application.
>>>>>> Since the RequiresLoginFilte class implements the ComponentRequestFilter interface, I am confused about the coertion error!
>>>>> The error is weird. Could you post your PmsModule.contributeComponentRequestHandler() method
>>>> /**
>>>> * This module is automatically included as part of the Tapestry IoC Registry,
>>>> * it's a good place to configure and extend Tapestry, or to place your own
>>>> * service definitions. spring
>>>> */
>>>> public class PmsModule {
>>>> // public static void bind(ServiceBinder binder) {
>>>> // // binder.bind(MyServiceInterface.class, MyServiceImpl.class);
>>>> //
>>>> // // Make bind() calls on the binder object to define most IoC services.
>>>> // // Use service builder methods (example below) when the implementation
>>>> // // is provided inline, or requires more initialization than simply
>>>> // // invoking the constructor.
>>>> // binder.bind(ArbeitspaketDao.class, ArbeitspaketDaoImpl.class);
>>>> // binder.bind(AufgabeDao.class, AufgabeDaoImpl.class);
>>>> // binder.bind(BasicDao.class, BasicDaoImpl.class);
>>>> // binder.bind(FunktionDao.class, FunktionDaoImpl.class);
>>>> //// binder.bind(GrantedAuthorityBeanDao.class,
>>>> //// GrantedAuthorityBeanDaoImpl.class);
>>>> // binder.bind(MitarbeiterDao.class, MitarbeiterDaoImpl.class);
>>>> // binder.bind(MitarbeiterProjektDao.class,
>>>> // MitarbeiterProjektDaoImpl.class);
>>>> // binder.bind(ModulDao.class, ModulDaoImpl.class);
>>>> // binder.bind(PersonMonatDao.class, PersonMonatDaoImpl.class);
>>>> // binder.bind(UserDataDao.class, UserDataDaoImpl.class);
>>>> // binder.bind(ProjektDao.class, ProjektDaoImpl.class);
>>>> // binder.bind(UnteraufgabeDao.class, UnteraufgabeDaoImpl.class);
>>>> // binder.bind(UnterunteraufgabeDao.class, UnterunteraufgabeDaoImpl.class);
>>>> //
>>>> // }
>>>>
>>>> public static void contributeFactoryDefaults(
>>>> MappedConfiguration<String, Object> configuration) {
>>>> // The application version number is incorprated into URLs for some
>>>> // assets. Web browsers will cache assets because of the far future
>>>> // expires
>>>> // header. If existing assets are changed, the version number should
>>>> // also
>>>> // change, to force the browser to download new versions. This overrides
>>>> // Tapesty's default
>>>> // (a random hexadecimal number), but may be further overriden by
>>>> // DevelopmentModule or
>>>> // QaModule.
>>>> configuration.override(SymbolConstants.APPLICATION_VERSION,
>>>> "1.0-SNAPSHOT");
>>>> }
>>>>
>>>> public static void contributeApplicationDefaults(
>>>> MappedConfiguration<String, Object> configuration) {
>>>> // Contributions to ApplicationDefaults will override any contributions
>>>> // to
>>>> // FactoryDefaults (with the same key). Here we're restricting the
>>>> // supported
>>>> // locales to just "en" (English). As you add localised message catalogs
>>>> // and other assets,
>>>> // you can extend this list of locales (it's a comma separated series of
>>>> // locale names;
>>>> // the first locale name is the default when there's no reasonable
>>>> // match).
>>>> // configuration.add(SymbolConstants.SUPPORTED_LOCALES, "en");
>>>> configuration.add(SymbolConstants.SUPPORTED_LOCALES, "de");
>>>> configuration.add(SymbolConstants.COMPRESS_WHITESPACE, "true");
>>>>
>>>> }
>>>>
>>>> /**
>>>> * This is a service definition, the service will be named "TimingFilter".
>>>> * The interface, RequestFilter, is used within the RequestHandler service
>>>> * pipeline, which is built from the RequestHandler service configuration.
>>>> * Tapestry IoC is responsible for passing in an appropriate Logger
>>>> * instance. Requests for static resources are handled at a higher level, so
>>>> * this filter will only be invoked for Tapestry related requests.
>>>> * <p/>
>>>> * <p/>
>>>> * Service builder methods are useful when the implementation is inline as
>>>> * an inner class (as here) or require some other kind of special
>>>> * initialization. In most cases, use the static bind() method instead.
>>>> * <p/>
>>>> * <p/>
>>>> * If this method was named "build", then the service id would be taken from
>>>> * the service interface and would be "RequestFilter". Since Tapestry
>>>> * already defines a service named "RequestFilter" we use an explicit
>>>> * service id that we can reference inside the contribution method.
>>>> */
>>>> public RequestFilter buildTimingFilter(final Logger log) {
>>>> return new RequestFilter() {
>>>> public boolean service(Request request, Response response,
>>>> RequestHandler handler) throws IOException {
>>>> long startTime = System.currentTimeMillis();
>>>>
>>>> try {
>>>> // The responsibility of a filter is to invoke the
>>>> // corresponding method
>>>> // in the handler. When you chain multiple filters together,
>>>> // each filter
>>>> // received a handler that is a bridge to the next filter.
>>>>
>>>> return handler.service(request, response);
>>>> } finally {
>>>> long elapsed = System.currentTimeMillis() - startTime;
>>>>
>>>> log.info(String.format("Request time: %d ms", elapsed));
>>>> }
>>>> }
>>>> };
>>>> }
>>>>
>>>> /**
>>>> * This is a contribution to the RequestHandler service configuration. This
>>>> * is how we extend Tapestry using the timing filter. A common use for this
>>>> * kind of filter is transaction management or security. The @Local
>>>> * annotation selects the desired service by type, but only from the same
>>>> * module. Without @Local, there would be an error due to the other
>>>> * service(s) that implement RequestFilter (defined in other modules).
>>>> */
>>>> public void contributeRequestHandler(OrderedConfiguration<RequestFilter> configuration, @Local RequestFilter filter) {
>>>> // Each contribution to an ordered configuration has a name, When
>>>> // necessary, you may
>>>> // set constraints to precisely control the invocation order of the
>>>> // contributed filter
>>>> // within the pipeline.
>>>>
>>>> configuration.add("Timing", filter);
>>>> }
>>>>
>>>>
>>>> @SuppressWarnings("unchecked")
>>>> public static void contributeComponentRequestHandler(OrderedConfiguration configuration) {
>>>> configuration.addInstance("RequiresLogin", RequiresLoginFilter.class);
>>>>
>>>> }
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> }
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>>>> For additional commands, e-mail: users-help@tapestry.apache.org
>>>>
>>>
>>
>>
>> import java.io.IOException;
>>
>> import org.apache.tapestry5.services.ComponentEventRequestParameters;
>> import org.apache.tapestry5.services.ComponentRequestHandler;
>> import org.apache.tapestry5.services.PageRenderRequestParameters;
>>
>>
>> /**
>> * Filter interface for {@link org.apache.tapestry5.services.ComponentRequestHandler}.
>> */
>> /**
>> * Our implementation of this filter will check the page referenced in the request to see if it has the annotation.
>> * If the annotation is present and the user has not yet logged in, we'll redirect to the Login page.
>> * When a redirect is not necessary, we delegate to the next handler in the pipeline2:
>> */
>> public interface ComponentRequestFilter
>> {
>> /**
>> * Handler for a component action request which will trigger an event on a component and use the return value to
>> * send a response to the client (typically, a redirect to a page render URL).
>> *
>> * @param parameters defining the request
>> * @param handler next handler in the pipeline
>> */
>> void handleComponentEvent(ComponentEventRequestParameters parameters, ComponentRequestHandler handler)
>> throws IOException;
>>
>> /**
>> * Invoked to activate and render a page. In certain cases, based on values returned when activating the page, a
>> * {@link org.apache.tapestry5.services.ComponentEventResultProcessor} may be used to send an alternate response
>> * (typically, a redirect).
>> *
>> * @param parameters defines the page name and activation context
>> * @param handler next handler in the pipeline
>> */
>> void handlePageRender(PageRenderRequestParameters parameters, ComponentRequestHandler handler) throws IOException;
>> }
>>
>>
>>
>>
>>
>>
>> import java.io.IOException;
>>
>> import org.apache.tapestry5.Link;
>> import org.apache.tapestry5.runtime.Component;
>> import org.apache.tapestry5.services.ComponentEventRequestParameters;
>> import org.apache.tapestry5.services.ComponentRequestHandler;
>> import org.apache.tapestry5.services.ComponentSource;
>> import org.apache.tapestry5.services.PageRenderLinkSource;
>> import org.apache.tapestry5.services.PageRenderRequestParameters;
>> import org.apache.tapestry5.services.Response;
>>
>>
>> import com.example.pms.annotations.*;
>>
>>
>> public class RequiresLoginFilter implements ComponentRequestFilter {
>>
>> private PageRenderLinkSource renderLinkSource;
>>
>> private ComponentSource componentSource;
>>
>> private Response response;
>>
>> // private final AuthenticationService authService;
>> private AuthenticatorImp authService;
>>
>>
>> public void PageAccessFilter(PageRenderLinkSource renderLinkSource, ComponentSource componentSource,
>> Response response, AuthenticatorImp authService) {
>>
>> this.renderLinkSource = renderLinkSource;
>> this.componentSource = componentSource;
>> this.response = response;
>> this.authService = authService;
>>
>> }
>>
>> public void handleComponentEvent(
>> ComponentEventRequestParameters parameters,
>> ComponentRequestHandler handler) throws IOException {
>>
>> if (dispatchedToLoginPage(parameters.getActivePageName())) {
>> return;
>> }
>>
>> handler.handleComponentEvent(parameters);
>>
>> }
>>
>> public void handlePageRender(PageRenderRequestParameters parameters,
>> ComponentRequestHandler handler) throws IOException {
>>
>> if (dispatchedToLoginPage(parameters.getLogicalPageName())) {
>> return;
>> }
>>
>> handler.handlePageRender(parameters);
>> }
>>
>> private boolean dispatchedToLoginPage(String pageName) throws IOException {
>>
>> if (authService.isLoggedIn()) {
>> return false;
>> }
>>
>> Component page = componentSource.getPage(pageName);
>>
>> if (! page.getClass().isAnnotationPresent(RequiresLogin.class)) {
>> return false;
>> }
>>
>> Link link = renderLinkSource.createPageRenderLink("Index");
>>
>> response.sendRedirect(link);
>>
>> return true;
>> }
>> }
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>> For additional commands, e-mail: users-help@tapestry.apache.org
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Securing page with Tapestry
Posted by Willy Browne <ll...@yahoo.fr>.
thanks for the help. I removed my Interface and now i get a NullPointerException
* RequiresLoginFilter.dispatchedToLoginPage(RequiresLoginFilter.java:66)
* services.RequiresLoginFilter.handlePageRender(RequiresLoginFilter.java:57)
* org.apache.tapestry5.services.InitializeActivePageName.handlePageRender(InitializeActivePageName.java:47)
* org.apache.tapestry5.internal.services.RootPathDispatcher.dispatch(RootPathDispatcher.java:66)
* org.apache.tapestry5.services.TapestryModule$RequestHandlerTerminator.service(TapestryModule.java:302)
* .services.PmsModule$1.service(PmsModule.java:115)
* org.apache.tapestry5.internal.services.RequestErrorFilter.service(RequestErrorFilter.java:26)
* org.apache.tapestry5.services.TapestryModule$3.service(TapestryModule.java:902)
* org.apache.tapestry5.services.TapestryModule$2.service(TapestryModule.java:892)
* org.apache.tapestry5.internal.services.StaticFilesFilter.service(StaticFilesFilter.java:90)
* org.apache.tapestry5.internal.services.CheckForUpdatesFilter$2.invoke(CheckForUpdatesFilter.java:105)
* org.apache.tapestry5.internal.services.CheckForUpdatesFilter$2.invoke(CheckForUpdatesFilter.java:95)
* org.apache.tapestry5.ioc.internal.util.ConcurrentBarrier.withRead(ConcurrentBarrier.java:85)
* org.apache.tapestry5.internal.services.CheckForUpdatesFilter.service(CheckForUpdatesFilter.java:119)
* org.apache.tapestry5.services.TapestryModule$HttpServletRequestHandlerTerminator.service(TapestryModule.java:253)
* org.apache.tapestry5.internal.gzip.GZipFilter.service(GZipFilter.java:53)
* org.apache.tapestry5.internal.services.IgnoredPathsFilter.service(IgnoredPathsFilter.java:62)
* org.apache.tapestry5.services.TapestryModule$1.service(TapestryModule.java:852)
* org.apache.tapestry5.TapestryFilter.doFilter(TapestryFilter.java:171)
public class RequiresLoginFilter implements ComponentRequestFilter {
private PageRenderLinkSource renderLinkSource;
private ComponentSource componentSource;
private Response response;
private AuthenticatorImp authService;
public void PageAccessFilter(PageRenderLinkSource renderLinkSource,
ComponentSource componentSource, Response response,
AuthenticatorImp authService) {
this.renderLinkSource = renderLinkSource;
this.componentSource = componentSource;
this.response = response;
this.authService = authService;
}
public void handleComponentEvent(
ComponentEventRequestParameters parameters,
ComponentRequestHandler handler) throws IOException {
if (dispatchedToLoginPage(parameters.getActivePageName())) {
return;
}
handler.handleComponentEvent(parameters);
}
public void handlePageRender(PageRenderRequestParameters parameters,
ComponentRequestHandler handler) throws IOException {
if (dispatchedToLoginPage(parameters.getLogicalPageName())) {
return;
}
handler.handlePageRender(parameters);
}
private boolean dispatchedToLoginPage(String pageName) throws IOException {
if (authService.isLoggedIn()) { Â // line 66
return false;
}
Component page = componentSource.getPage(pageName);
if (!page.getClass().isAnnotationPresent(RequiresLogin.class)) {
return false;
}
Link link = renderLinkSource.createPageRenderLink("Login");
response.sendRedirect(link);
return true;
}
}
public class RequiresLoginFilter implements ComponentRequestFilter {
private PageRenderLinkSource renderLinkSource;
private ComponentSource componentSource;
private Response response;
private AuthenticatorImp authService;
public void PageAccessFilter(PageRenderLinkSource renderLinkSource,
ComponentSource componentSource, Response response,
AuthenticatorImp authService) {
this.renderLinkSource = renderLinkSource;
this.componentSource = componentSource;
this.response = response;
this.authService = authService;
}
public void handleComponentEvent(
ComponentEventRequestParameters parameters,
ComponentRequestHandler handler) throws IOException {
if (dispatchedToLoginPage(parameters.getActivePageName())) {
return;
}
handler.handleComponentEvent(parameters);
}
public void handlePageRender(PageRenderRequestParameters parameters,
ComponentRequestHandler handler) throws IOException {
if (dispatchedToLoginPage(parameters.getLogicalPageName())) {
return;
}
handler.handlePageRender(parameters);
}
private boolean dispatchedToLoginPage(String pageName) throws IOException { Â // line 57
if (authService.isLoggedIn()) {
return false;
}
Component page = componentSource.getPage(pageName);
if (!page.getClass().isAnnotationPresent(RequiresLogin.class)) {
return false;
}
Link link = renderLinkSource.createPageRenderLink("Login");
response.sendRedirect(link);
return true;
}
}
public class AuthenticatorImp implements AuthenticatorInterface{
public static final String AUTH_TOKEN = "authToken";
/**
*Â
*/
public AuthenticatorImp() {
super();
// TODO Auto-generated constructor stub
}
/**
* @param request
*/
public AuthenticatorImp(Request request) {
super();
this.request = request;
}
@Inject
private Request request;
public Mitarbeiter getLoggedUser() {
Â
Mitarbeiter user = null;
    if (isLoggedIn())
      user = (Mitarbeiter) request.getSession(true).getAttribute(AUTH_TOKEN);
    Â
    else
      throw new IllegalStateException("The user is not logged ! ");
    Â
    return user;
}
public boolean isLoggedIn() {
org.apache.tapestry5.services.Session session = Â request.getSession(true);
    if (session != null) { return session.getAttribute(AUTH_TOKEN) != null; }
    return false;
}
@SuppressWarnings("unchecked")
public void login(String nickName, String password, org.hibernate.Session session)
throws NoSuchAlgorithmException, UnsupportedEncodingException {
MitarbeiterDaoImpl mitarbeiterDao = new MitarbeiterDaoImpl( Mitarbeiter.class, session);
Mitarbeiter authUser = mitarbeiterDao.authenticate(nickName, Encrypt.MD5(password));
try{
request.getSession(true).setAttribute(AUTH_TOKEN, authUser);
  }
  catch(NullPointerException e){
  System.out.println("Beim Einlogen ist ein fehler aufgetreten");
  }
 Â
 Â
}
public void logout() {
org.apache.tapestry5.services.Session session = request.getSession(false);
    if (session != null)
    {
      session.setAttribute(AUTH_TOKEN, null);
      session.invalidate();
    }
}
}
________________________________
De : Taha Hafeez Siddiqi <ta...@gmail.com>
À : Tapestry users <us...@tapestry.apache.org>
Envoyé le : Mardi 6 août 2013 14h41
Objet : Re: Securing page with Tapestry
Are you defining your own ComponentRequestFilter interface? As you have included the code for that I am assuming you have.
You have to implement Tapestry's ComponentRequestFilter, not your own as you can't contribute to the RequestHandler any other implementation.
regards
Taha
On 06-Aug-2013, at 5:53 PM, Will N. <ll...@yahoo.fr> wrote:
> Am 06.08.2013 14:13, schrieb Thiago H de Paula Figueiredo:
>> I'm sorry, I should have asked for your ComponentRequestFilter implementation source too. ;)
>>
>> On Tue, 06 Aug 2013 08:31:15 -0300, Will N. <ll...@yahoo.fr> wrote:
>>
>>> Am 06.08.2013 13:25, schrieb Thiago H de Paula Figueiredo:
>>>> On Tue, 06 Aug 2013 05:10:37 -0300, Will N. <ll...@yahoo.fr> wrote:
>>>>
>>>>> Hi,
>>>>
>>>> Hi!
>>>>
>>>>> I am trying secure some pages of my application as shown in this tutorial. http://tapestryjava.blogspot.co.uk/search/label/security
>>>>> But I am having following error message when I start the application.
>>>>> Since the RequiresLoginFilte class implements the ComponentRequestFilter interface, I am confused about the coertion error!
>>>>
>>>> The error is weird. Could you post your PmsModule.contributeComponentRequestHandler() method
>>> /**
>>>Â * This module is automatically included as part of the Tapestry IoC Registry,
>>>Â * it's a good place to configure and extend Tapestry, or to place your own
>>>Â * service definitions. spring
>>>Â */
>>> public class PmsModule {
>>> //Â Â public static void bind(ServiceBinder binder) {
>>> //Â Â Â Â // binder.bind(MyServiceInterface.class, MyServiceImpl.class);
>>> //
>>> //Â Â Â Â // Make bind() calls on the binder object to define most IoC services.
>>> //Â Â Â Â // Use service builder methods (example below) when the implementation
>>> //Â Â Â Â // is provided inline, or requires more initialization than simply
>>> //Â Â Â Â // invoking the constructor.
>>> //Â Â Â Â binder.bind(ArbeitspaketDao.class, ArbeitspaketDaoImpl.class);
>>> //Â Â Â Â binder.bind(AufgabeDao.class, AufgabeDaoImpl.class);
>>> //Â Â Â Â binder.bind(BasicDao.class, BasicDaoImpl.class);
>>> //Â Â Â Â binder.bind(FunktionDao.class, FunktionDaoImpl.class);
>>> ////Â Â Â Â binder.bind(GrantedAuthorityBeanDao.class,
>>> ////Â Â Â Â Â Â Â Â GrantedAuthorityBeanDaoImpl.class);
>>> //Â Â Â Â binder.bind(MitarbeiterDao.class, MitarbeiterDaoImpl.class);
>>> //Â Â Â Â binder.bind(MitarbeiterProjektDao.class,
>>> //Â Â Â Â Â Â Â Â MitarbeiterProjektDaoImpl.class);
>>> //Â Â Â Â binder.bind(ModulDao.class, ModulDaoImpl.class);
>>> //Â Â Â Â binder.bind(PersonMonatDao.class, PersonMonatDaoImpl.class);
>>> //Â Â Â Â binder.bind(UserDataDao.class, UserDataDaoImpl.class);
>>> //Â Â Â Â binder.bind(ProjektDao.class, ProjektDaoImpl.class);
>>> //Â Â Â Â binder.bind(UnteraufgabeDao.class, UnteraufgabeDaoImpl.class);
>>> //Â Â Â Â binder.bind(UnterunteraufgabeDao.class, UnterunteraufgabeDaoImpl.class);
>>> //
>>> //Â Â }
>>>
>>>Â Â public static void contributeFactoryDefaults(
>>>Â Â Â Â Â Â MappedConfiguration<String, Object> configuration) {
>>>Â Â Â Â // The application version number is incorprated into URLs for some
>>>Â Â Â Â // assets. Web browsers will cache assets because of the far future
>>>Â Â Â Â // expires
>>>Â Â Â Â // header. If existing assets are changed, the version number should
>>>Â Â Â Â // also
>>>Â Â Â Â // change, to force the browser to download new versions. This overrides
>>>Â Â Â Â // Tapesty's default
>>>Â Â Â Â // (a random hexadecimal number), but may be further overriden by
>>>Â Â Â Â // DevelopmentModule or
>>>Â Â Â Â // QaModule.
>>> configuration.override(SymbolConstants.APPLICATION_VERSION,
>>>Â Â Â Â Â Â Â Â "1.0-SNAPSHOT");
>>>Â Â }
>>>
>>>Â Â public static void contributeApplicationDefaults(
>>>Â Â Â Â Â Â MappedConfiguration<String, Object> configuration) {
>>>Â Â Â Â // Contributions to ApplicationDefaults will override any contributions
>>>Â Â Â Â // to
>>>Â Â Â Â // FactoryDefaults (with the same key). Here we're restricting the
>>>Â Â Â Â // supported
>>>Â Â Â Â // locales to just "en" (English). As you add localised message catalogs
>>>Â Â Â Â // and other assets,
>>>Â Â Â Â // you can extend this list of locales (it's a comma separated series of
>>>Â Â Â Â // locale names;
>>>Â Â Â Â // the first locale name is the default when there's no reasonable
>>>Â Â Â Â // match).
>>>Â Â Â Â // configuration.add(SymbolConstants.SUPPORTED_LOCALES, "en");
>>>Â Â Â Â configuration.add(SymbolConstants.SUPPORTED_LOCALES, "de");
>>>Â Â Â Â configuration.add(SymbolConstants.COMPRESS_WHITESPACE, "true");
>>>
>>>Â Â }
>>>
>>>Â Â /**
>>>Â Â Â * This is a service definition, the service will be named "TimingFilter".
>>>Â Â Â * The interface, RequestFilter, is used within the RequestHandler service
>>>Â Â Â * pipeline, which is built from the RequestHandler service configuration.
>>>Â Â Â * Tapestry IoC is responsible for passing in an appropriate Logger
>>>Â Â Â * instance. Requests for static resources are handled at a higher level, so
>>>Â Â Â * this filter will only be invoked for Tapestry related requests.
>>>Â Â Â * <p/>
>>>Â Â Â * <p/>
>>>Â Â Â * Service builder methods are useful when the implementation is inline as
>>>Â Â Â * an inner class (as here) or require some other kind of special
>>>Â Â Â * initialization. In most cases, use the static bind() method instead.
>>>Â Â Â * <p/>
>>>Â Â Â * <p/>
>>>Â Â Â * If this method was named "build", then the service id would be taken from
>>>Â Â Â * the service interface and would be "RequestFilter". Since Tapestry
>>>Â Â Â * already defines a service named "RequestFilter" we use an explicit
>>>Â Â Â * service id that we can reference inside the contribution method.
>>>Â Â Â */
>>>Â Â public RequestFilter buildTimingFilter(final Logger log) {
>>>Â Â Â Â return new RequestFilter() {
>>>Â Â Â Â Â Â public boolean service(Request request, Response response,
>>>Â Â Â Â Â Â Â Â Â Â RequestHandler handler) throws IOException {
>>>Â Â Â Â Â Â Â Â long startTime = System.currentTimeMillis();
>>>
>>>Â Â Â Â Â Â Â Â try {
>>>Â Â Â Â Â Â Â Â Â Â // The responsibility of a filter is to invoke the
>>>Â Â Â Â Â Â Â Â Â Â // corresponding method
>>>Â Â Â Â Â Â Â Â Â Â // in the handler. When you chain multiple filters together,
>>>Â Â Â Â Â Â Â Â Â Â // each filter
>>>Â Â Â Â Â Â Â Â Â Â // received a handler that is a bridge to the next filter.
>>>
>>>Â Â Â Â Â Â Â Â Â Â return handler.service(request, response);
>>>Â Â Â Â Â Â Â Â } finally {
>>>Â Â Â Â Â Â Â Â Â Â long elapsed = System.currentTimeMillis() - startTime;
>>>
>>>Â Â Â Â Â Â Â Â Â Â log.info(String.format("Request time: %d ms", elapsed));
>>>Â Â Â Â Â Â Â Â }
>>>Â Â Â Â Â Â }
>>>Â Â Â Â };
>>>Â Â }
>>>
>>>Â Â /**
>>>Â Â Â * This is a contribution to the RequestHandler service configuration. This
>>>Â Â Â * is how we extend Tapestry using the timing filter. A common use for this
>>>Â Â Â * kind of filter is transaction management or security. The @Local
>>>Â Â Â * annotation selects the desired service by type, but only from the same
>>>Â Â Â * module. Without @Local, there would be an error due to the other
>>>Â Â Â * service(s) that implement RequestFilter (defined in other modules).
>>>Â Â Â */
>>>Â Â public void contributeRequestHandler(OrderedConfiguration<RequestFilter> configuration, @Local RequestFilter filter) {
>>>Â Â Â Â // Each contribution to an ordered configuration has a name, When
>>>Â Â Â Â // necessary, you may
>>>Â Â Â Â // set constraints to precisely control the invocation order of the
>>>Â Â Â Â // contributed filter
>>>Â Â Â Â // within the pipeline.
>>>
>>>Â Â Â Â configuration.add("Timing", filter);
>>>Â Â }
>>>
>>>
>>>Â Â @SuppressWarnings("unchecked")
>>>Â Â public static void contributeComponentRequestHandler(OrderedConfiguration configuration) {
>>>Â Â Â Â Â Â configuration.addInstance("RequiresLogin", RequiresLoginFilter.class);
>>>
>>>Â Â }
>>>
>>>
>>>
>>>
>>>
>>>
>>> }
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>>> For additional commands, e-mail: users-help@tapestry.apache.org
>>>
>>
>>
>
>
>
> import java.io.IOException;
>
> import org.apache.tapestry5.services.ComponentEventRequestParameters;
> import org.apache.tapestry5.services.ComponentRequestHandler;
> import org.apache.tapestry5.services.PageRenderRequestParameters;
>
>
> /**
> * Filter interface for {@link org.apache.tapestry5.services.ComponentRequestHandler}.
> */
> /**
> * Our implementation of this filter will check the page referenced in the request to see if it has the annotation.
> * If the annotation is present and the user has not yet logged in, we'll redirect to the Login page.
> * When a redirect is not necessary, we delegate to the next handler in the pipeline2:
> */
> public interface ComponentRequestFilter
> {
>Â Â /**
>Â Â * Handler for a component action request which will trigger an event on a component and use the return value to
>Â Â * send a response to the client (typically, a redirect to a page render URL).
>Â Â *
>Â Â * @param parameters defining the request
>  * @param handler  next handler in the pipeline
>Â Â */
>Â Â void handleComponentEvent(ComponentEventRequestParameters parameters, ComponentRequestHandler handler)
>Â Â Â Â Â Â throws IOException;
>
>Â Â /**
>Â Â * Invoked to activate and render a page. In certain cases, based on values returned when activating the page, a
>Â Â * {@link org.apache.tapestry5.services.ComponentEventResultProcessor} may be used to send an alternate response
>Â Â * (typically, a redirect).
>Â Â *
>Â Â * @param parameters defines the page name and activation context
>  * @param handler  next handler in the pipeline
>Â Â */
>Â Â void handlePageRender(PageRenderRequestParameters parameters, ComponentRequestHandler handler) throws IOException;
> }
>
>
>
>
>
>
> import java.io.IOException;
>
> import org.apache.tapestry5.Link;
> import org.apache.tapestry5.runtime.Component;
> import org.apache.tapestry5.services.ComponentEventRequestParameters;
> import org.apache.tapestry5.services.ComponentRequestHandler;
> import org.apache.tapestry5.services.ComponentSource;
> import org.apache.tapestry5.services.PageRenderLinkSource;
> import org.apache.tapestry5.services.PageRenderRequestParameters;
> import org.apache.tapestry5.services.Response;
>
>
> import com.example.pms.annotations.*;
>
>
> public class RequiresLoginFilter implements ComponentRequestFilter {
>
>Â private PageRenderLinkSource renderLinkSource;
>
>Â private ComponentSource componentSource;
>
>Â private Response response;
>
> //Â private final AuthenticationService authService;
>Â private AuthenticatorImp authService;
>
>
>Â public void PageAccessFilter(PageRenderLinkSource renderLinkSource, ComponentSource componentSource,
>Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Response response, AuthenticatorImp authService) {
>
>Â Â this.renderLinkSource = renderLinkSource;
>Â Â this.componentSource = componentSource;
>Â Â this.response = response;
>Â Â this.authService = authService;
>
>Â }
>
>Â public void handleComponentEvent(
>Â Â Â ComponentEventRequestParameters parameters,
>Â Â Â ComponentRequestHandler handler) throws IOException {
>
>Â Â if (dispatchedToLoginPage(parameters.getActivePageName())) {
>Â Â Â return;
>Â Â }
>
>Â Â handler.handleComponentEvent(parameters);
>
>Â }
>
>Â public void handlePageRender(PageRenderRequestParameters parameters,
>Â Â Â ComponentRequestHandler handler) throws IOException {
>
>Â Â if (dispatchedToLoginPage(parameters.getLogicalPageName())) {
>Â Â Â return;
>Â Â }
>
>Â Â handler.handlePageRender(parameters);
>Â }
>
>Â private boolean dispatchedToLoginPage(String pageName) throws IOException {
>
>Â Â if (authService.isLoggedIn()) {
>Â Â Â return false;
>Â Â }
>
>Â Â Component page = componentSource.getPage(pageName);
>
>Â Â if (! page.getClass().isAnnotationPresent(RequiresLogin.class)) {
>Â Â Â return false;
>Â Â }
>
>Â Â Link link = renderLinkSource.createPageRenderLink("Index");
>
>Â Â response.sendRedirect(link);
>
>Â Â return true;
>Â }
> }
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Securing page with Tapestry
Posted by Taha Hafeez Siddiqi <ta...@gmail.com>.
Are you defining your own ComponentRequestFilter interface? As you have included the code for that I am assuming you have.
You have to implement Tapestry's ComponentRequestFilter, not your own as you can't contribute to the RequestHandler any other implementation.
regards
Taha
On 06-Aug-2013, at 5:53 PM, Will N. <ll...@yahoo.fr> wrote:
> Am 06.08.2013 14:13, schrieb Thiago H de Paula Figueiredo:
>> I'm sorry, I should have asked for your ComponentRequestFilter implementation source too. ;)
>>
>> On Tue, 06 Aug 2013 08:31:15 -0300, Will N. <ll...@yahoo.fr> wrote:
>>
>>> Am 06.08.2013 13:25, schrieb Thiago H de Paula Figueiredo:
>>>> On Tue, 06 Aug 2013 05:10:37 -0300, Will N. <ll...@yahoo.fr> wrote:
>>>>
>>>>> Hi,
>>>>
>>>> Hi!
>>>>
>>>>> I am trying secure some pages of my application as shown in this tutorial. http://tapestryjava.blogspot.co.uk/search/label/security
>>>>> But I am having following error message when I start the application.
>>>>> Since the RequiresLoginFilte class implements the ComponentRequestFilter interface, I am confused about the coertion error!
>>>>
>>>> The error is weird. Could you post your PmsModule.contributeComponentRequestHandler() method
>>> /**
>>> * This module is automatically included as part of the Tapestry IoC Registry,
>>> * it's a good place to configure and extend Tapestry, or to place your own
>>> * service definitions. spring
>>> */
>>> public class PmsModule {
>>> // public static void bind(ServiceBinder binder) {
>>> // // binder.bind(MyServiceInterface.class, MyServiceImpl.class);
>>> //
>>> // // Make bind() calls on the binder object to define most IoC services.
>>> // // Use service builder methods (example below) when the implementation
>>> // // is provided inline, or requires more initialization than simply
>>> // // invoking the constructor.
>>> // binder.bind(ArbeitspaketDao.class, ArbeitspaketDaoImpl.class);
>>> // binder.bind(AufgabeDao.class, AufgabeDaoImpl.class);
>>> // binder.bind(BasicDao.class, BasicDaoImpl.class);
>>> // binder.bind(FunktionDao.class, FunktionDaoImpl.class);
>>> //// binder.bind(GrantedAuthorityBeanDao.class,
>>> //// GrantedAuthorityBeanDaoImpl.class);
>>> // binder.bind(MitarbeiterDao.class, MitarbeiterDaoImpl.class);
>>> // binder.bind(MitarbeiterProjektDao.class,
>>> // MitarbeiterProjektDaoImpl.class);
>>> // binder.bind(ModulDao.class, ModulDaoImpl.class);
>>> // binder.bind(PersonMonatDao.class, PersonMonatDaoImpl.class);
>>> // binder.bind(UserDataDao.class, UserDataDaoImpl.class);
>>> // binder.bind(ProjektDao.class, ProjektDaoImpl.class);
>>> // binder.bind(UnteraufgabeDao.class, UnteraufgabeDaoImpl.class);
>>> // binder.bind(UnterunteraufgabeDao.class, UnterunteraufgabeDaoImpl.class);
>>> //
>>> // }
>>>
>>> public static void contributeFactoryDefaults(
>>> MappedConfiguration<String, Object> configuration) {
>>> // The application version number is incorprated into URLs for some
>>> // assets. Web browsers will cache assets because of the far future
>>> // expires
>>> // header. If existing assets are changed, the version number should
>>> // also
>>> // change, to force the browser to download new versions. This overrides
>>> // Tapesty's default
>>> // (a random hexadecimal number), but may be further overriden by
>>> // DevelopmentModule or
>>> // QaModule.
>>> configuration.override(SymbolConstants.APPLICATION_VERSION,
>>> "1.0-SNAPSHOT");
>>> }
>>>
>>> public static void contributeApplicationDefaults(
>>> MappedConfiguration<String, Object> configuration) {
>>> // Contributions to ApplicationDefaults will override any contributions
>>> // to
>>> // FactoryDefaults (with the same key). Here we're restricting the
>>> // supported
>>> // locales to just "en" (English). As you add localised message catalogs
>>> // and other assets,
>>> // you can extend this list of locales (it's a comma separated series of
>>> // locale names;
>>> // the first locale name is the default when there's no reasonable
>>> // match).
>>> // configuration.add(SymbolConstants.SUPPORTED_LOCALES, "en");
>>> configuration.add(SymbolConstants.SUPPORTED_LOCALES, "de");
>>> configuration.add(SymbolConstants.COMPRESS_WHITESPACE, "true");
>>>
>>> }
>>>
>>> /**
>>> * This is a service definition, the service will be named "TimingFilter".
>>> * The interface, RequestFilter, is used within the RequestHandler service
>>> * pipeline, which is built from the RequestHandler service configuration.
>>> * Tapestry IoC is responsible for passing in an appropriate Logger
>>> * instance. Requests for static resources are handled at a higher level, so
>>> * this filter will only be invoked for Tapestry related requests.
>>> * <p/>
>>> * <p/>
>>> * Service builder methods are useful when the implementation is inline as
>>> * an inner class (as here) or require some other kind of special
>>> * initialization. In most cases, use the static bind() method instead.
>>> * <p/>
>>> * <p/>
>>> * If this method was named "build", then the service id would be taken from
>>> * the service interface and would be "RequestFilter". Since Tapestry
>>> * already defines a service named "RequestFilter" we use an explicit
>>> * service id that we can reference inside the contribution method.
>>> */
>>> public RequestFilter buildTimingFilter(final Logger log) {
>>> return new RequestFilter() {
>>> public boolean service(Request request, Response response,
>>> RequestHandler handler) throws IOException {
>>> long startTime = System.currentTimeMillis();
>>>
>>> try {
>>> // The responsibility of a filter is to invoke the
>>> // corresponding method
>>> // in the handler. When you chain multiple filters together,
>>> // each filter
>>> // received a handler that is a bridge to the next filter.
>>>
>>> return handler.service(request, response);
>>> } finally {
>>> long elapsed = System.currentTimeMillis() - startTime;
>>>
>>> log.info(String.format("Request time: %d ms", elapsed));
>>> }
>>> }
>>> };
>>> }
>>>
>>> /**
>>> * This is a contribution to the RequestHandler service configuration. This
>>> * is how we extend Tapestry using the timing filter. A common use for this
>>> * kind of filter is transaction management or security. The @Local
>>> * annotation selects the desired service by type, but only from the same
>>> * module. Without @Local, there would be an error due to the other
>>> * service(s) that implement RequestFilter (defined in other modules).
>>> */
>>> public void contributeRequestHandler(OrderedConfiguration<RequestFilter> configuration, @Local RequestFilter filter) {
>>> // Each contribution to an ordered configuration has a name, When
>>> // necessary, you may
>>> // set constraints to precisely control the invocation order of the
>>> // contributed filter
>>> // within the pipeline.
>>>
>>> configuration.add("Timing", filter);
>>> }
>>>
>>>
>>> @SuppressWarnings("unchecked")
>>> public static void contributeComponentRequestHandler(OrderedConfiguration configuration) {
>>> configuration.addInstance("RequiresLogin", RequiresLoginFilter.class);
>>>
>>> }
>>>
>>>
>>>
>>>
>>>
>>>
>>> }
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>>> For additional commands, e-mail: users-help@tapestry.apache.org
>>>
>>
>>
>
>
>
> import java.io.IOException;
>
> import org.apache.tapestry5.services.ComponentEventRequestParameters;
> import org.apache.tapestry5.services.ComponentRequestHandler;
> import org.apache.tapestry5.services.PageRenderRequestParameters;
>
>
> /**
> * Filter interface for {@link org.apache.tapestry5.services.ComponentRequestHandler}.
> */
> /**
> * Our implementation of this filter will check the page referenced in the request to see if it has the annotation.
> * If the annotation is present and the user has not yet logged in, we'll redirect to the Login page.
> * When a redirect is not necessary, we delegate to the next handler in the pipeline2:
> */
> public interface ComponentRequestFilter
> {
> /**
> * Handler for a component action request which will trigger an event on a component and use the return value to
> * send a response to the client (typically, a redirect to a page render URL).
> *
> * @param parameters defining the request
> * @param handler next handler in the pipeline
> */
> void handleComponentEvent(ComponentEventRequestParameters parameters, ComponentRequestHandler handler)
> throws IOException;
>
> /**
> * Invoked to activate and render a page. In certain cases, based on values returned when activating the page, a
> * {@link org.apache.tapestry5.services.ComponentEventResultProcessor} may be used to send an alternate response
> * (typically, a redirect).
> *
> * @param parameters defines the page name and activation context
> * @param handler next handler in the pipeline
> */
> void handlePageRender(PageRenderRequestParameters parameters, ComponentRequestHandler handler) throws IOException;
> }
>
>
>
>
>
>
> import java.io.IOException;
>
> import org.apache.tapestry5.Link;
> import org.apache.tapestry5.runtime.Component;
> import org.apache.tapestry5.services.ComponentEventRequestParameters;
> import org.apache.tapestry5.services.ComponentRequestHandler;
> import org.apache.tapestry5.services.ComponentSource;
> import org.apache.tapestry5.services.PageRenderLinkSource;
> import org.apache.tapestry5.services.PageRenderRequestParameters;
> import org.apache.tapestry5.services.Response;
>
>
> import com.example.pms.annotations.*;
>
>
> public class RequiresLoginFilter implements ComponentRequestFilter {
>
> private PageRenderLinkSource renderLinkSource;
>
> private ComponentSource componentSource;
>
> private Response response;
>
> // private final AuthenticationService authService;
> private AuthenticatorImp authService;
>
>
> public void PageAccessFilter(PageRenderLinkSource renderLinkSource, ComponentSource componentSource,
> Response response, AuthenticatorImp authService) {
>
> this.renderLinkSource = renderLinkSource;
> this.componentSource = componentSource;
> this.response = response;
> this.authService = authService;
>
> }
>
> public void handleComponentEvent(
> ComponentEventRequestParameters parameters,
> ComponentRequestHandler handler) throws IOException {
>
> if (dispatchedToLoginPage(parameters.getActivePageName())) {
> return;
> }
>
> handler.handleComponentEvent(parameters);
>
> }
>
> public void handlePageRender(PageRenderRequestParameters parameters,
> ComponentRequestHandler handler) throws IOException {
>
> if (dispatchedToLoginPage(parameters.getLogicalPageName())) {
> return;
> }
>
> handler.handlePageRender(parameters);
> }
>
> private boolean dispatchedToLoginPage(String pageName) throws IOException {
>
> if (authService.isLoggedIn()) {
> return false;
> }
>
> Component page = componentSource.getPage(pageName);
>
> if (! page.getClass().isAnnotationPresent(RequiresLogin.class)) {
> return false;
> }
>
> Link link = renderLinkSource.createPageRenderLink("Index");
>
> response.sendRedirect(link);
>
> return true;
> }
> }
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Securing page with Tapestry
Posted by "Will N." <ll...@yahoo.fr>.
Am 06.08.2013 14:13, schrieb Thiago H de Paula Figueiredo:
> I'm sorry, I should have asked for your ComponentRequestFilter
> implementation source too. ;)
>
> On Tue, 06 Aug 2013 08:31:15 -0300, Will N. <ll...@yahoo.fr>
> wrote:
>
>> Am 06.08.2013 13:25, schrieb Thiago H de Paula Figueiredo:
>>> On Tue, 06 Aug 2013 05:10:37 -0300, Will N. <ll...@yahoo.fr>
>>> wrote:
>>>
>>>> Hi,
>>>
>>> Hi!
>>>
>>>> I am trying secure some pages of my application as shown in this
>>>> tutorial. http://tapestryjava.blogspot.co.uk/search/label/security
>>>> But I am having following error message when I start the application.
>>>> Since the RequiresLoginFilte class implements the
>>>> ComponentRequestFilter interface, I am confused about the coertion
>>>> error!
>>>
>>> The error is weird. Could you post your
>>> PmsModule.contributeComponentRequestHandler() method
>> /**
>> * This module is automatically included as part of the Tapestry IoC
>> Registry,
>> * it's a good place to configure and extend Tapestry, or to place
>> your own
>> * service definitions. spring
>> */
>> public class PmsModule {
>> // public static void bind(ServiceBinder binder) {
>> // // binder.bind(MyServiceInterface.class, MyServiceImpl.class);
>> //
>> // // Make bind() calls on the binder object to define most
>> IoC services.
>> // // Use service builder methods (example below) when the
>> implementation
>> // // is provided inline, or requires more initialization than
>> simply
>> // // invoking the constructor.
>> // binder.bind(ArbeitspaketDao.class, ArbeitspaketDaoImpl.class);
>> // binder.bind(AufgabeDao.class, AufgabeDaoImpl.class);
>> // binder.bind(BasicDao.class, BasicDaoImpl.class);
>> // binder.bind(FunktionDao.class, FunktionDaoImpl.class);
>> //// binder.bind(GrantedAuthorityBeanDao.class,
>> //// GrantedAuthorityBeanDaoImpl.class);
>> // binder.bind(MitarbeiterDao.class, MitarbeiterDaoImpl.class);
>> // binder.bind(MitarbeiterProjektDao.class,
>> // MitarbeiterProjektDaoImpl.class);
>> // binder.bind(ModulDao.class, ModulDaoImpl.class);
>> // binder.bind(PersonMonatDao.class, PersonMonatDaoImpl.class);
>> // binder.bind(UserDataDao.class, UserDataDaoImpl.class);
>> // binder.bind(ProjektDao.class, ProjektDaoImpl.class);
>> // binder.bind(UnteraufgabeDao.class, UnteraufgabeDaoImpl.class);
>> // binder.bind(UnterunteraufgabeDao.class,
>> UnterunteraufgabeDaoImpl.class);
>> //
>> // }
>>
>> public static void contributeFactoryDefaults(
>> MappedConfiguration<String, Object> configuration) {
>> // The application version number is incorprated into URLs
>> for some
>> // assets. Web browsers will cache assets because of the far
>> future
>> // expires
>> // header. If existing assets are changed, the version
>> number should
>> // also
>> // change, to force the browser to download new versions.
>> This overrides
>> // Tapesty's default
>> // (a random hexadecimal number), but may be further
>> overriden by
>> // DevelopmentModule or
>> // QaModule.
>> configuration.override(SymbolConstants.APPLICATION_VERSION,
>> "1.0-SNAPSHOT");
>> }
>>
>> public static void contributeApplicationDefaults(
>> MappedConfiguration<String, Object> configuration) {
>> // Contributions to ApplicationDefaults will override any
>> contributions
>> // to
>> // FactoryDefaults (with the same key). Here we're
>> restricting the
>> // supported
>> // locales to just "en" (English). As you add localised
>> message catalogs
>> // and other assets,
>> // you can extend this list of locales (it's a comma
>> separated series of
>> // locale names;
>> // the first locale name is the default when there's no
>> reasonable
>> // match).
>> // configuration.add(SymbolConstants.SUPPORTED_LOCALES, "en");
>> configuration.add(SymbolConstants.SUPPORTED_LOCALES, "de");
>> configuration.add(SymbolConstants.COMPRESS_WHITESPACE, "true");
>>
>> }
>>
>> /**
>> * This is a service definition, the service will be named
>> "TimingFilter".
>> * The interface, RequestFilter, is used within the
>> RequestHandler service
>> * pipeline, which is built from the RequestHandler service
>> configuration.
>> * Tapestry IoC is responsible for passing in an appropriate Logger
>> * instance. Requests for static resources are handled at a
>> higher level, so
>> * this filter will only be invoked for Tapestry related requests.
>> * <p/>
>> * <p/>
>> * Service builder methods are useful when the implementation is
>> inline as
>> * an inner class (as here) or require some other kind of special
>> * initialization. In most cases, use the static bind() method
>> instead.
>> * <p/>
>> * <p/>
>> * If this method was named "build", then the service id would
>> be taken from
>> * the service interface and would be "RequestFilter". Since
>> Tapestry
>> * already defines a service named "RequestFilter" we use an
>> explicit
>> * service id that we can reference inside the contribution method.
>> */
>> public RequestFilter buildTimingFilter(final Logger log) {
>> return new RequestFilter() {
>> public boolean service(Request request, Response response,
>> RequestHandler handler) throws IOException {
>> long startTime = System.currentTimeMillis();
>>
>> try {
>> // The responsibility of a filter is to invoke the
>> // corresponding method
>> // in the handler. When you chain multiple
>> filters together,
>> // each filter
>> // received a handler that is a bridge to the
>> next filter.
>>
>> return handler.service(request, response);
>> } finally {
>> long elapsed = System.currentTimeMillis() -
>> startTime;
>>
>> log.info(String.format("Request time: %d ms",
>> elapsed));
>> }
>> }
>> };
>> }
>>
>> /**
>> * This is a contribution to the RequestHandler service
>> configuration. This
>> * is how we extend Tapestry using the timing filter. A common
>> use for this
>> * kind of filter is transaction management or security. The @Local
>> * annotation selects the desired service by type, but only from
>> the same
>> * module. Without @Local, there would be an error due to the other
>> * service(s) that implement RequestFilter (defined in other
>> modules).
>> */
>> public void
>> contributeRequestHandler(OrderedConfiguration<RequestFilter>
>> configuration, @Local RequestFilter filter) {
>> // Each contribution to an ordered configuration has a name,
>> When
>> // necessary, you may
>> // set constraints to precisely control the invocation order
>> of the
>> // contributed filter
>> // within the pipeline.
>>
>> configuration.add("Timing", filter);
>> }
>>
>>
>> @SuppressWarnings("unchecked")
>> public static void
>> contributeComponentRequestHandler(OrderedConfiguration configuration) {
>> configuration.addInstance("RequiresLogin",
>> RequiresLoginFilter.class);
>>
>> }
>>
>>
>>
>>
>>
>>
>> }
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>> For additional commands, e-mail: users-help@tapestry.apache.org
>>
>
>
import java.io.IOException;
import org.apache.tapestry5.services.ComponentEventRequestParameters;
import org.apache.tapestry5.services.ComponentRequestHandler;
import org.apache.tapestry5.services.PageRenderRequestParameters;
/**
* Filter interface for {@link
org.apache.tapestry5.services.ComponentRequestHandler}.
*/
/**
* Our implementation of this filter will check the page referenced in
the request to see if it has the annotation.
* If the annotation is present and the user has not yet logged in,
we'll redirect to the Login page.
* When a redirect is not necessary, we delegate to the next handler in
the pipeline2:
*/
public interface ComponentRequestFilter
{
/**
* Handler for a component action request which will trigger an
event on a component and use the return value to
* send a response to the client (typically, a redirect to a page
render URL).
*
* @param parameters defining the request
* @param handler next handler in the pipeline
*/
void handleComponentEvent(ComponentEventRequestParameters
parameters, ComponentRequestHandler handler)
throws IOException;
/**
* Invoked to activate and render a page. In certain cases, based
on values returned when activating the page, a
* {@link
org.apache.tapestry5.services.ComponentEventResultProcessor} may be used
to send an alternate response
* (typically, a redirect).
*
* @param parameters defines the page name and activation context
* @param handler next handler in the pipeline
*/
void handlePageRender(PageRenderRequestParameters parameters,
ComponentRequestHandler handler) throws IOException;
}
import java.io.IOException;
import org.apache.tapestry5.Link;
import org.apache.tapestry5.runtime.Component;
import org.apache.tapestry5.services.ComponentEventRequestParameters;
import org.apache.tapestry5.services.ComponentRequestHandler;
import org.apache.tapestry5.services.ComponentSource;
import org.apache.tapestry5.services.PageRenderLinkSource;
import org.apache.tapestry5.services.PageRenderRequestParameters;
import org.apache.tapestry5.services.Response;
import com.example.pms.annotations.*;
public class RequiresLoginFilter implements ComponentRequestFilter {
private PageRenderLinkSource renderLinkSource;
private ComponentSource componentSource;
private Response response;
// private final AuthenticationService authService;
private AuthenticatorImp authService;
public void PageAccessFilter(PageRenderLinkSource renderLinkSource,
ComponentSource componentSource,
Response response, AuthenticatorImp
authService) {
this.renderLinkSource = renderLinkSource;
this.componentSource = componentSource;
this.response = response;
this.authService = authService;
}
public void handleComponentEvent(
ComponentEventRequestParameters parameters,
ComponentRequestHandler handler) throws IOException {
if (dispatchedToLoginPage(parameters.getActivePageName())) {
return;
}
handler.handleComponentEvent(parameters);
}
public void handlePageRender(PageRenderRequestParameters parameters,
ComponentRequestHandler handler) throws IOException {
if (dispatchedToLoginPage(parameters.getLogicalPageName())) {
return;
}
handler.handlePageRender(parameters);
}
private boolean dispatchedToLoginPage(String pageName) throws
IOException {
if (authService.isLoggedIn()) {
return false;
}
Component page = componentSource.getPage(pageName);
if (! page.getClass().isAnnotationPresent(RequiresLogin.class)) {
return false;
}
Link link = renderLinkSource.createPageRenderLink("Index");
response.sendRedirect(link);
return true;
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Securing page with Tapestry
Posted by Thiago H de Paula Figueiredo <th...@gmail.com>.
I'm sorry, I should have asked for your ComponentRequestFilter
implementation source too. ;)
On Tue, 06 Aug 2013 08:31:15 -0300, Will N. <ll...@yahoo.fr> wrote:
> Am 06.08.2013 13:25, schrieb Thiago H de Paula Figueiredo:
>> On Tue, 06 Aug 2013 05:10:37 -0300, Will N. <ll...@yahoo.fr>
>> wrote:
>>
>>> Hi,
>>
>> Hi!
>>
>>> I am trying secure some pages of my application as shown in this
>>> tutorial. http://tapestryjava.blogspot.co.uk/search/label/security
>>> But I am having following error message when I start the application.
>>> Since the RequiresLoginFilte class implements the
>>> ComponentRequestFilter interface, I am confused about the coertion
>>> error!
>>
>> The error is weird. Could you post your
>> PmsModule.contributeComponentRequestHandler() method
> /**
> * This module is automatically included as part of the Tapestry IoC
> Registry,
> * it's a good place to configure and extend Tapestry, or to place your
> own
> * service definitions. spring
> */
> public class PmsModule {
> // public static void bind(ServiceBinder binder) {
> // // binder.bind(MyServiceInterface.class, MyServiceImpl.class);
> //
> // // Make bind() calls on the binder object to define most IoC
> services.
> // // Use service builder methods (example below) when the
> implementation
> // // is provided inline, or requires more initialization than
> simply
> // // invoking the constructor.
> // binder.bind(ArbeitspaketDao.class, ArbeitspaketDaoImpl.class);
> // binder.bind(AufgabeDao.class, AufgabeDaoImpl.class);
> // binder.bind(BasicDao.class, BasicDaoImpl.class);
> // binder.bind(FunktionDao.class, FunktionDaoImpl.class);
> //// binder.bind(GrantedAuthorityBeanDao.class,
> //// GrantedAuthorityBeanDaoImpl.class);
> // binder.bind(MitarbeiterDao.class, MitarbeiterDaoImpl.class);
> // binder.bind(MitarbeiterProjektDao.class,
> // MitarbeiterProjektDaoImpl.class);
> // binder.bind(ModulDao.class, ModulDaoImpl.class);
> // binder.bind(PersonMonatDao.class, PersonMonatDaoImpl.class);
> // binder.bind(UserDataDao.class, UserDataDaoImpl.class);
> // binder.bind(ProjektDao.class, ProjektDaoImpl.class);
> // binder.bind(UnteraufgabeDao.class, UnteraufgabeDaoImpl.class);
> // binder.bind(UnterunteraufgabeDao.class,
> UnterunteraufgabeDaoImpl.class);
> //
> // }
>
> public static void contributeFactoryDefaults(
> MappedConfiguration<String, Object> configuration) {
> // The application version number is incorprated into URLs for
> some
> // assets. Web browsers will cache assets because of the far
> future
> // expires
> // header. If existing assets are changed, the version number
> should
> // also
> // change, to force the browser to download new versions. This
> overrides
> // Tapesty's default
> // (a random hexadecimal number), but may be further overriden
> by
> // DevelopmentModule or
> // QaModule.
> configuration.override(SymbolConstants.APPLICATION_VERSION,
> "1.0-SNAPSHOT");
> }
>
> public static void contributeApplicationDefaults(
> MappedConfiguration<String, Object> configuration) {
> // Contributions to ApplicationDefaults will override any
> contributions
> // to
> // FactoryDefaults (with the same key). Here we're restricting
> the
> // supported
> // locales to just "en" (English). As you add localised message
> catalogs
> // and other assets,
> // you can extend this list of locales (it's a comma separated
> series of
> // locale names;
> // the first locale name is the default when there's no
> reasonable
> // match).
> // configuration.add(SymbolConstants.SUPPORTED_LOCALES, "en");
> configuration.add(SymbolConstants.SUPPORTED_LOCALES, "de");
> configuration.add(SymbolConstants.COMPRESS_WHITESPACE, "true");
>
> }
>
> /**
> * This is a service definition, the service will be named
> "TimingFilter".
> * The interface, RequestFilter, is used within the RequestHandler
> service
> * pipeline, which is built from the RequestHandler service
> configuration.
> * Tapestry IoC is responsible for passing in an appropriate Logger
> * instance. Requests for static resources are handled at a higher
> level, so
> * this filter will only be invoked for Tapestry related requests.
> * <p/>
> * <p/>
> * Service builder methods are useful when the implementation is
> inline as
> * an inner class (as here) or require some other kind of special
> * initialization. In most cases, use the static bind() method
> instead.
> * <p/>
> * <p/>
> * If this method was named "build", then the service id would be
> taken from
> * the service interface and would be "RequestFilter". Since
> Tapestry
> * already defines a service named "RequestFilter" we use an
> explicit
> * service id that we can reference inside the contribution method.
> */
> public RequestFilter buildTimingFilter(final Logger log) {
> return new RequestFilter() {
> public boolean service(Request request, Response response,
> RequestHandler handler) throws IOException {
> long startTime = System.currentTimeMillis();
>
> try {
> // The responsibility of a filter is to invoke the
> // corresponding method
> // in the handler. When you chain multiple filters
> together,
> // each filter
> // received a handler that is a bridge to the next
> filter.
>
> return handler.service(request, response);
> } finally {
> long elapsed = System.currentTimeMillis() -
> startTime;
>
> log.info(String.format("Request time: %d ms",
> elapsed));
> }
> }
> };
> }
>
> /**
> * This is a contribution to the RequestHandler service
> configuration. This
> * is how we extend Tapestry using the timing filter. A common use
> for this
> * kind of filter is transaction management or security. The @Local
> * annotation selects the desired service by type, but only from
> the same
> * module. Without @Local, there would be an error due to the other
> * service(s) that implement RequestFilter (defined in other
> modules).
> */
> public void
> contributeRequestHandler(OrderedConfiguration<RequestFilter>
> configuration, @Local RequestFilter filter) {
> // Each contribution to an ordered configuration has a name,
> When
> // necessary, you may
> // set constraints to precisely control the invocation order of
> the
> // contributed filter
> // within the pipeline.
>
> configuration.add("Timing", filter);
> }
>
>
> @SuppressWarnings("unchecked")
> public static void
> contributeComponentRequestHandler(OrderedConfiguration configuration) {
> configuration.addInstance("RequiresLogin",
> RequiresLoginFilter.class);
>
> }
>
>
>
>
>
>
> }
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
--
Thiago H. de Paula Figueiredo
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Securing page with Tapestry
Posted by "Will N." <ll...@yahoo.fr>.
Am 06.08.2013 13:25, schrieb Thiago H de Paula Figueiredo:
> On Tue, 06 Aug 2013 05:10:37 -0300, Will N. <ll...@yahoo.fr>
> wrote:
>
>> Hi,
>
> Hi!
>
>> I am trying secure some pages of my application as shown in this
>> tutorial. http://tapestryjava.blogspot.co.uk/search/label/security
>> But I am having following error message when I start the application.
>> Since the RequiresLoginFilte class implements the
>> ComponentRequestFilter interface, I am confused about the coertion
>> error!
>
> The error is weird. Could you post your
> PmsModule.contributeComponentRequestHandler() method
/**
* This module is automatically included as part of the Tapestry IoC
Registry,
* it's a good place to configure and extend Tapestry, or to place your own
* service definitions. spring
*/
public class PmsModule {
// public static void bind(ServiceBinder binder) {
// // binder.bind(MyServiceInterface.class, MyServiceImpl.class);
//
// // Make bind() calls on the binder object to define most IoC
services.
// // Use service builder methods (example below) when the
implementation
// // is provided inline, or requires more initialization than simply
// // invoking the constructor.
// binder.bind(ArbeitspaketDao.class, ArbeitspaketDaoImpl.class);
// binder.bind(AufgabeDao.class, AufgabeDaoImpl.class);
// binder.bind(BasicDao.class, BasicDaoImpl.class);
// binder.bind(FunktionDao.class, FunktionDaoImpl.class);
//// binder.bind(GrantedAuthorityBeanDao.class,
//// GrantedAuthorityBeanDaoImpl.class);
// binder.bind(MitarbeiterDao.class, MitarbeiterDaoImpl.class);
// binder.bind(MitarbeiterProjektDao.class,
// MitarbeiterProjektDaoImpl.class);
// binder.bind(ModulDao.class, ModulDaoImpl.class);
// binder.bind(PersonMonatDao.class, PersonMonatDaoImpl.class);
// binder.bind(UserDataDao.class, UserDataDaoImpl.class);
// binder.bind(ProjektDao.class, ProjektDaoImpl.class);
// binder.bind(UnteraufgabeDao.class, UnteraufgabeDaoImpl.class);
// binder.bind(UnterunteraufgabeDao.class,
UnterunteraufgabeDaoImpl.class);
//
// }
public static void contributeFactoryDefaults(
MappedConfiguration<String, Object> configuration) {
// The application version number is incorprated into URLs for some
// assets. Web browsers will cache assets because of the far future
// expires
// header. If existing assets are changed, the version number
should
// also
// change, to force the browser to download new versions. This
overrides
// Tapesty's default
// (a random hexadecimal number), but may be further overriden by
// DevelopmentModule or
// QaModule.
configuration.override(SymbolConstants.APPLICATION_VERSION,
"1.0-SNAPSHOT");
}
public static void contributeApplicationDefaults(
MappedConfiguration<String, Object> configuration) {
// Contributions to ApplicationDefaults will override any
contributions
// to
// FactoryDefaults (with the same key). Here we're restricting the
// supported
// locales to just "en" (English). As you add localised message
catalogs
// and other assets,
// you can extend this list of locales (it's a comma separated
series of
// locale names;
// the first locale name is the default when there's no reasonable
// match).
// configuration.add(SymbolConstants.SUPPORTED_LOCALES, "en");
configuration.add(SymbolConstants.SUPPORTED_LOCALES, "de");
configuration.add(SymbolConstants.COMPRESS_WHITESPACE, "true");
}
/**
* This is a service definition, the service will be named
"TimingFilter".
* The interface, RequestFilter, is used within the RequestHandler
service
* pipeline, which is built from the RequestHandler service
configuration.
* Tapestry IoC is responsible for passing in an appropriate Logger
* instance. Requests for static resources are handled at a higher
level, so
* this filter will only be invoked for Tapestry related requests.
* <p/>
* <p/>
* Service builder methods are useful when the implementation is
inline as
* an inner class (as here) or require some other kind of special
* initialization. In most cases, use the static bind() method instead.
* <p/>
* <p/>
* If this method was named "build", then the service id would be
taken from
* the service interface and would be "RequestFilter". Since Tapestry
* already defines a service named "RequestFilter" we use an explicit
* service id that we can reference inside the contribution method.
*/
public RequestFilter buildTimingFilter(final Logger log) {
return new RequestFilter() {
public boolean service(Request request, Response response,
RequestHandler handler) throws IOException {
long startTime = System.currentTimeMillis();
try {
// The responsibility of a filter is to invoke the
// corresponding method
// in the handler. When you chain multiple filters
together,
// each filter
// received a handler that is a bridge to the next
filter.
return handler.service(request, response);
} finally {
long elapsed = System.currentTimeMillis() - startTime;
log.info(String.format("Request time: %d ms",
elapsed));
}
}
};
}
/**
* This is a contribution to the RequestHandler service
configuration. This
* is how we extend Tapestry using the timing filter. A common use
for this
* kind of filter is transaction management or security. The @Local
* annotation selects the desired service by type, but only from
the same
* module. Without @Local, there would be an error due to the other
* service(s) that implement RequestFilter (defined in other modules).
*/
public void
contributeRequestHandler(OrderedConfiguration<RequestFilter>
configuration, @Local RequestFilter filter) {
// Each contribution to an ordered configuration has a name, When
// necessary, you may
// set constraints to precisely control the invocation order of the
// contributed filter
// within the pipeline.
configuration.add("Timing", filter);
}
@SuppressWarnings("unchecked")
public static void
contributeComponentRequestHandler(OrderedConfiguration configuration) {
configuration.addInstance("RequiresLogin",
RequiresLoginFilter.class);
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Securing page with Tapestry
Posted by Thiago H de Paula Figueiredo <th...@gmail.com>.
On Tue, 06 Aug 2013 05:10:37 -0300, Will N. <ll...@yahoo.fr> wrote:
> Hi,
Hi!
> I am trying secure some pages of my application as shown in this
> tutorial. http://tapestryjava.blogspot.co.uk/search/label/security
> But I am having following error message when I start the application.
> Since the RequiresLoginFilte class implements the ComponentRequestFilter
> interface, I am confused about the coertion error!
The error is weird. Could you post your
PmsModule.contributeComponentRequestHandler() method please?
--
Thiago H. de Paula Figueiredo
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Securing page with Tapestry
Posted by "D.R." <d....@googlemail.com>.
Hi Will,
seems that the tapestry-security is not in your classpath.
Make sure that you see:
...
ProjectClassLoader:
entry=/home/ASDF/.m2/repository/org/tynamo/tapestry-security/0.5.1/tapestry-security-0.5.1.jar
...
and:
...
[INFO] ioc.RegistryBuilder Adding module definition for class
org.tynamo.security.services.SecurityModule
...
With kind regards
David
Am 09.08.2013 15:02, schrieb Will N.:
> Hi David,
> actually, i do not come so far because the error occurs while the
> application is starting. So It does not get to the point where the
> services are printed.
>
>
> [INFO] ioc.RegistryBuilder Adding module definition for class
> org.apache.tapestry5.ioc.services.TapestryIOCModule
> [INFO] ioc.RegistryBuilder Adding module definition for class
> org.apache.tapestry5.hibernate.HibernateCoreModule
> [INFO] ioc.RegistryBuilder Adding module definition for class
> org.apache.tapestry5.json.services.JSONModule
> [INFO] ioc.RegistryBuilder Adding module definition for class
> org.apache.tapestry5.yuicompressor.services.YuiCompressorModule
> [INFO] ioc.RegistryBuilder Adding module definition for class
> org.apache.tapestry5.services.TapestryModule
> [INFO] ioc.RegistryBuilder Adding module definition for class
> org.apache.tapestry5.internal.services.InternalModule
> [INFO] ioc.RegistryBuilder Adding module definition for class
> org.apache.tapestry5.services.assets.AssetsModule
> [INFO] ioc.RegistryBuilder Adding module definition for class
> org.apache.tapestry5.services.pageload.PageLoadModule
> [INFO] ioc.RegistryBuilder Adding module definition for class
> com.example.pms.services.PmsModule
> [INFO] ioc.RegistryBuilder Adding module definition for class
> com.example.pms.services.DevelopmentModule
> 2013-08-09 15:00:08.583:WARN::failed pms:
> java.lang.IllegalArgumentException: Contribution
> com.example.pms.services.PmsModule.contributeWebSecurityManager(Configuration,
> Session) (at PmsModule.java:195) is for service 'WebSecurityManager',
> which does not exist.
> 2013-08-09 15:00:08.583:WARN::Failed startup of context
> org.mortbay.jetty.webapp.WebAppContext@9a0d40{/pms,C:\Users\xxx\tapestry\pms\src\main\webapp}
> java.lang.IllegalArgumentException: Contribution
> com.example.pms.services.PmsModule.contributeWebSecurityManager(Configuration,
> Session) (at PmsModule.java:195) is for service 'WebSecurityManager',
> which does not exist.
> at
> org.apache.tapestry5.ioc.internal.RegistryImpl.validateContributeDefs(RegistryImpl.java:241)
> at
> org.apache.tapestry5.ioc.internal.RegistryImpl.<init>(RegistryImpl.java:205)
> at
> org.apache.tapestry5.ioc.RegistryBuilder.build(RegistryBuilder.java:177)
> at
> org.apache.tapestry5.internal.TapestryAppInitializer.createRegistry(TapestryAppInitializer.java:200)
> at org.apache.tapestry5.TapestryFilter.init(TapestryFilter.java:109)
> at
> org.mortbay.jetty.servlet.FilterHolder.doStart(FilterHolder.java:97)
> at
> org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
> at
> org.mortbay.jetty.servlet.ServletHandler.initialize(ServletHandler.java:713)
> at org.mortbay.jetty.servlet.Context.startContext(Context.java:140)
> at
> org.mortbay.jetty.webapp.WebAppContext.startContext(WebAppContext.java:1282)
> at
> org.mortbay.jetty.handler.ContextHandler.doStart(ContextHandler.java:518)
> at
> org.mortbay.jetty.webapp.WebAppContext.doStart(WebAppContext.java:499)
> at
> org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
> at
> org.mortbay.jetty.handler.HandlerWrapper.doStart(HandlerWrapper.java:130)
> at org.mortbay.jetty.Server.doStart(Server.java:224)
> at
> org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
> at runjettyrun.Bootstrap.main(Bootstrap.java:97)
> 2013-08-09 15:00:08.614:INFO::Started SelectChannelConnector@0.0.0.0:8080
> Am 09.08.2013 13:56, schrieb D.R.:
>
>
> public class PmsModule {
>
> public static void bind(ServiceBinder binder) {
> // // binder.bind(MyServiceInterface.class, MyServiceImpl.class);
> //
> // // Make bind() calls on the binder object to define most IoC
> // services.
> // // Use service builder methods (example below) when the
> // implementation
> // // is provided inline, or requires more initialization than
> simply
> // // invoking the constructor.
> binder.bind(ArbeitspaketDao.class, ArbeitspaketDaoImpl.class);
> binder.bind(AufgabeDao.class, AufgabeDaoImpl.class);
> binder.bind(BasicDao.class, BasicDaoImpl.class);
> binder.bind(FunktionDao.class, FunktionDaoImpl.class);
> // binder.bind(GrantedAuthorityBeanDao.class,
> // GrantedAuthorityBeanDaoImpl.class);
> binder.bind(MitarbeiterDao.class, MitarbeiterDaoImpl.class);
> binder.bind(MitarbeiterProjektDao.class,
> MitarbeiterProjektDaoImpl.class);
> binder.bind(ModulDao.class, ModulDaoImpl.class);
> binder.bind(PersonMonatDao.class, PersonMonatDaoImpl.class);
> binder.bind(UserDataDao.class, UserDataDaoImpl.class);
> binder.bind(ProjektDao.class, ProjektDaoImpl.class);
> binder.bind(UnteraufgabeDao.class, UnteraufgabeDaoImpl.class);
> binder.bind(UnterunteraufgabeDao.class,
> UnterunteraufgabeDaoImpl.class);
> binder.bind(PrivillegesDao.class, PrivillegesDaoImpl.class);
> binder.bind(AuthenticatorInterface.class,
> AuthenticatorImp.class);
> //
> }
>
> public static void contributeFactoryDefaults(
> MappedConfiguration<String, Object> configuration) {
> // The application version number is incorprated into URLs for
> some
> // assets. Web browsers will cache assets because of the far
> future
> // expires
> // header. If existing assets are changed, the version number
> should
> // also
> // change, to force the browser to download new versions. This
> overrides
> // Tapesty's default
> // (a random hexadecimal number), but may be further overriden by
> // DevelopmentModule or
> // QaModule.
> configuration.override(SymbolConstants.APPLICATION_VERSION,
> "1.0-SNAPSHOT");
> }
>
> public static void contributeApplicationDefaults(
> MappedConfiguration<String, Object> configuration) {
> // Contributions to ApplicationDefaults will override any
> contributions
> // to
> // FactoryDefaults (with the same key). Here we're restricting
> the
> // supported
> // locales to just "en" (English). As you add localised
> message catalogs
> // and other assets,
> // you can extend this list of locales (it's a comma separated
> series of
> // locale names;
> // the first locale name is the default when there's no
> reasonable
> // match).
> // configuration.add(SymbolConstants.SUPPORTED_LOCALES, "en");
> configuration.add(SymbolConstants.SUPPORTED_LOCALES, "de");
> configuration.add(SymbolConstants.COMPRESS_WHITESPACE, "true");
>
> }
>
> /**
> * This is a service definition, the service will be named
> "TimingFilter".
> * The interface, RequestFilter, is used within the RequestHandler
> service
> * pipeline, which is built from the RequestHandler service
> configuration.
> * Tapestry IoC is responsible for passing in an appropriate Logger
> * instance. Requests for static resources are handled at a higher
> level, so
> * this filter will only be invoked for Tapestry related requests.
> * <p/>
> * <p/>
> * Service builder methods are useful when the implementation is
> inline as
> * an inner class (as here) or require some other kind of special
> * initialization. In most cases, use the static bind() method
> instead.
> * <p/>
> * <p/>
> * If this method was named "build", then the service id would be
> taken from
> * the service interface and would be "RequestFilter". Since Tapestry
> * already defines a service named "RequestFilter" we use an explicit
> * service id that we can reference inside the contribution method.
> */
> public RequestFilter buildTimingFilter(final Logger log) {
> return new RequestFilter() {
> public boolean service(Request request, Response response,
> RequestHandler handler) throws IOException {
> long startTime = System.currentTimeMillis();
>
> try {
> // The responsibility of a filter is to invoke the
> // corresponding method
> // in the handler. When you chain multiple filters
> together,
> // each filter
> // received a handler that is a bridge to the next
> filter.
>
> return handler.service(request, response);
> } finally {
> long elapsed = System.currentTimeMillis() -
> startTime;
>
> log.info(String.format("Request time: %d ms",
> elapsed));
> }
> }
> };
> }
>
> /**
> * This is a contribution to the RequestHandler service
> configuration. This
> * is how we extend Tapestry using the timing filter. A common use
> for this
> * kind of filter is transaction management or security. The @Local
> * annotation selects the desired service by type, but only from
> the same
> * module. Without @Local, there would be an error due to the other
> * service(s) that implement RequestFilter (defined in other
> modules).
> */
>
>
> public void contributeRequestHandler(
> OrderedConfiguration<RequestFilter> configuration,
> @Local RequestFilter filter) {
> // Each contribution to an ordered configuration has a name, When
> // necessary, you may
> // set constraints to precisely control the invocation order
> of the
> // contributed filter
> // within the pipeline.
>
> configuration.add("Timing", filter);
> }
>
> @SuppressWarnings("unchecked")
> public static void contributeComponentRequestHandler(
> OrderedConfiguration configuration) {
>
> configuration.addInstance("RequiresLogin",
> RequiresLoginFilter.class);
> configuration.addInstance("RequiresRole",
> RequiresRolesFilter.class);
>
> }
>
>
> public static void
> contributeWebSecurityManager(Configuration<Realm> configuration,
> Session session) {
>
> EntityRealm realm = new EntityRealm(session);
> HashedCredentialsMatcher hcm = new
> HashedCredentialsMatcher("SHA-256");
> hcm.setHashIterations(1024);
> hcm.setStoredCredentialsHexEncoded(false);
> realm.setCredentialsMatcher(hcm);
> configuration.add((Realm) realm);
> }
>
>
> package com.example.pms.entities;
>
> import java.util.HashSet;
> import java.util.Iterator;
> import java.util.Set;
>
> import javax.persistence.CascadeType;
> import javax.persistence.Column;
> import javax.persistence.Entity;
> import javax.persistence.FetchType;
> import javax.persistence.GeneratedValue;
> import javax.persistence.GenerationType;
> import javax.persistence.Id;
> import javax.persistence.JoinColumn;
> import javax.persistence.JoinTable;
> import javax.persistence.ManyToMany;
> import javax.persistence.OneToMany;
> import javax.persistence.Table;
> import javax.persistence.Transient;
>
> import org.apache.shiro.crypto.RandomNumberGenerator;
> import org.apache.shiro.crypto.SecureRandomNumberGenerator;
> import org.apache.shiro.crypto.hash.Sha256Hash;
> import org.apache.shiro.util.ByteSource;
> import org.apache.tapestry5.beaneditor.DataType;
> import org.apache.tapestry5.beaneditor.NonVisual;
> import org.apache.tapestry5.beaneditor.Validate;
> import org.hibernate.Session;
>
> import com.example.pms.Dao.impl.AufgabeDaoImpl;
> import com.example.pms.Dao.impl.MitarbeiterDaoImpl;
> import com.example.pms.Dao.impl.UnteraufgabeDaoImpl;
> import com.example.pms.data.Systemrole;
> import com.example.pms.data.Titel;
>
> @Entity
> @Table(name = "MITARBEITER")
> public class Mitarbeiter {
>
> @Id
> @GeneratedValue(strategy = GenerationType.IDENTITY)
> @NonVisual
> @Column(name = "ID")
> public int id;
>
> @Column(name = "titel")
> public Titel titel;
>
> @Column(name = "mitarbeitername", nullable = false)
> @Validate("required")
> public String name;
>
> @Column(name = "vorname", nullable = false)
> @Validate("Required")
> public String vorname;
>
> @NonVisual
> @Column(name = "systemrole", nullable = false)
> @Validate("Required")
> public Systemrole role;
>
> private boolean enabled = true;
>
> @Transient
> @DataType("password")
> private String password;
>
> @NonVisual
> private String passwordSalt;
>
> @NonVisual
> private String passwordHash;
>
> private String username;
>
> @Column(name = "email", nullable = false)
> @Validate("Required, regexp")
> public String email;
>
> @Column(name = "initialen", nullable = false, unique = true)
> @Validate("Required")
> public String initialen;
>
> @OneToMany(mappedBy = "projektleiter")
> private Set<Projekt> projektListe;
>
> // Beziehung zur Funktion
> @OneToMany(mappedBy = "verantwortlicher", cascade = {
> CascadeType.REMOVE })
> private Set<Funktion> funktion;
>
> // Beziehung zur Funktion
> @OneToMany(mappedBy = "verantwortlicher", cascade = {
> CascadeType.REMOVE })
> private Set<Arbeitspaket> arbeitspaket;
>
> // Beziehung zum Projekt
> @OneToMany(mappedBy = "mitarbeiter")
> private Set<Mitarbeiterprojekt> mitarbeiterprojekt;
>
> @ManyToMany(cascade = { CascadeType.ALL }, fetch = FetchType.EAGER)
> @JoinTable(name = "MITARBEITER_AUFGABE", joinColumns = {
> @JoinColumn(name = "MITARBEITER_ID") }, inverseJoinColumns = {
> @JoinColumn(name = "AUFGABE_ID") })
> private Set<Aufgabe> aufgabenListe;
>
> @ManyToMany(cascade = { CascadeType.ALL }, fetch = FetchType.EAGER)
> @JoinTable(name = "MITARBEITER_UNTERAUFGABE", joinColumns = {
> @JoinColumn(name = "MITARBEITER_ID") }, inverseJoinColumns = {
> @JoinColumn(name = "UNTERAUFGABE_ID") })
> private Set<Unteraufgabe> unteraufgabenListe;
>
> @OneToMany(mappedBy = "verantwortlicher", cascade = {
> CascadeType.REMOVE }, fetch = FetchType.EAGER)
> // fetch=FetchType.EAGER
> private Set<Unterunteraufgabe> unterunteraufgabenListe;
>
> /**
> * @return the enabled
> */
> public boolean isEnabled() {
> return enabled;
> }
>
> /**
> * @param enabled
> * the enabled to set
> */
> public void setEnabled(boolean enabled) {
> this.enabled = enabled;
> }
>
> /**
> * @param id
> * UnteraufgabeID
> * @param session
> * @param unteraufgabeDao
> * @param mitarbeiterDao
> */
> public void removeUnteraufgabe(int id, Session session,
> UnteraufgabeDaoImpl<Unteraufgabe> unteraufgabeDao,
> MitarbeiterDaoImpl<Mitarbeiter> mitarbeiterDao) {
> System.out.println(unteraufgabeDao
> .countUnterunteraufgabenByMitarbeiterID(id,
> this.getId()));
>
> if (unteraufgabeDao.countUnterunteraufgabenByMitarbeiterID(id,
> this
> .getId()) == 1
> ||
> unteraufgabeDao.findById(id).getUnterunteraufgabenListe()
> .size() == 0) {
> Iterator<Unteraufgabe> iterator =
> this.getUnteraufgabenListe()
> .iterator();
> while (iterator.hasNext()) {
> Unteraufgabe unteraufgabe = iterator.next();
> if (unteraufgabe.getId() == id) {
> System.out.println(this.getUnteraufgabenListe().remove(
> unteraufgabe));
> }
> }
> mitarbeiterDao.save(this);
> }
>
> }
>
> /**
> * @param unteraufgabe
> * @param session
> * @param mitarbeiterDao
> */
> public void addUnteraufgabe(Unteraufgabe unteraufgabe, Session
> session,
> MitarbeiterDaoImpl<Mitarbeiter> mitarbeiterDao) {
> // Unteraufgabe u = unteraufgabeDao.findById(id);
> this.getUnteraufgabenListe().add(unteraufgabe);
> mitarbeiterDao.save(this);
>
> }
>
> /**
> * @param id
> * AufgabeID
> * @param session
> * @param aufgabeDao
> * @param mitarbeiterDao
> */
> public void removeAufgabe(int id, Session session,
> AufgabeDaoImpl<Aufgabe> aufgabeDao,
> MitarbeiterDaoImpl<Mitarbeiter> mitarbeiterDao) {
> System.out.println("aufgabe ");
> System.out.println(aufgabeDao.countUnteraufgabenByMitarbeiterID(id,
> this.getId()));
> boolean found = false;
> Aufgabe aufgabe;
> if (aufgabeDao.countUnteraufgabenByMitarbeiterID(id,
> this.getId()) == 0
> ||
> aufgabeDao.findById(id).getUnteraufgabenListe().size() == 0) {
> Iterator<Aufgabe> iterator =
> this.getAufgabenListe().iterator();
> while (iterator.hasNext() && !found) {
> aufgabe = iterator.next();
> if (aufgabe.getId() == id) {
> found = this.getAufgabenListe().remove(aufgabe);
>
> }
> }
> mitarbeiterDao.save(this);
> }
>
> }
>
> /**
> * @param unteraufgabe
> * @param session
> * @param mitarbeiterDao
> */
> public void addAufgabe(Aufgabe aufgabe, Session session,
> MitarbeiterDaoImpl<Mitarbeiter> mitarbeiterDao) {
> // Unteraufgabe u = unteraufgabeDao.findById(id);
> this.getAufgabenListe().add(aufgabe);
> mitarbeiterDao.save(this);
>
> }
>
> public Set<Projekt> getProjekte(Set<Projekt> projekte) {
>
> Set<Projekt> liste = new HashSet<Projekt>();
> for (Projekt pro : projekte) {
>
> Set<Mitarbeiter> projektMitarbeiter =
> pro.getMitarbeiterListe();
> for (Mitarbeiter mit : projektMitarbeiter) {
> if (mit.getId() == this.getId())
> liste.add(pro);
> }
> }
>
> return liste;
>
> }
>
> /**
> * @return the id
> */
>
> public int getId() {
> return id;
> }
>
> /**
> * @param id
> * the id to set
> */
> public void setId(int id) {
> this.id = id;
> }
>
> /**
> * @return the titel
> */
> public Titel getTitel() {
> return titel;
> }
>
> /**
> * @param titel
> * the titel to set
> */
> public void setTitel(Titel titel) {
> this.titel = titel;
> }
>
> /**
> * @return the name
> */
> public String getName() {
> return name;
> }
>
> /**
> * @param name
> * the name to set
> */
> public void setName(String name) {
> this.name = name;
> }
>
> /**
> * @return the vorname
> */
> public String getVorname() {
> return vorname;
> }
>
> /**
> * @param vorname
> * the vorname to set
> */
> public void setVorname(String vorname) {
> this.vorname = vorname;
> }
>
> /**
> * @return the initialen
> */
> public String getInitialen() {
> return initialen;
> }
>
> /**
> * @param initialen
> * the initialen to set
> */
> public void setInitialen(String initialen) {
> this.initialen = initialen;
> }
>
> /**
> * @return the email
> */
> public String getEmail() {
> return email;
> }
>
> /**
> * @param email
> * the email to set
> */
> public void setEmail(String email) {
> this.email = email;
> }
>
> /**
> * @return the projekt
> */
> public Set<Projekt> getProjektListe() {
> return projektListe;
> }
>
> /**
> * @param projekt
> * the projekt to set
> */
> public void setProjektListe(Set<Projekt> projektListe) {
> this.projektListe = projektListe;
> }
>
> /**
> * @return the funktion
> */
> public Set<Funktion> getFunktion() {
> return funktion;
> }
>
> /**
> * @param funktion
> * the funktion to set
> */
> public void setFunktion(Set<Funktion> funktion) {
> this.funktion = funktion;
> }
>
> /**
> * @return the arbeitspaket
> */
> public Set<Arbeitspaket> getArbeitspaket() {
> return arbeitspaket;
> }
>
> /**
> * @param arbeitspaket
> * the arbeitspaket to set
> */
> public void setArbeitspaket(Set<Arbeitspaket> arbeitspaket) {
> this.arbeitspaket = arbeitspaket;
> }
>
> /**
> * @return the mitarbeiterprojekt
> */
> public Set<Mitarbeiterprojekt> getMitarbeiterprojekt() {
> return mitarbeiterprojekt;
> }
>
> /**
> * @param mitarbeiterprojekt
> * the mitarbeiterprojekt to set
> */
> public void setMitarbeiterprojekt(Set<Mitarbeiterprojekt>
> mitarbeiterprojekt) {
> this.mitarbeiterprojekt = mitarbeiterprojekt;
> }
>
> /**
> * @return the rolle
> */
> public Systemrole getSystemrole() {
> return role;
> }
>
> /**
> * @param role
> * the role to set
> */
> public void setSystemole(Systemrole role) {
> this.role = role;
> }
>
> /**
> * @return the unterunteraufgabe
> */
> public Set<Unterunteraufgabe> getUnterunteraufgabenListe() {
> return unterunteraufgabenListe;
> }
>
> /**
> * @param unterunteraufgabe
> * the unterunteraufgabe to set
> */
> public void setUnterunteraufgabenListe(
> Set<Unterunteraufgabe> unterunteraufgabe) {
> this.unterunteraufgabenListe = unterunteraufgabe;
> }
>
> /**
> * @return the aufgabenListe
> */
> public Set<Aufgabe> getAufgabenListe() {
> return aufgabenListe;
> }
>
> /**
> * @param aufgabenListe
> * the aufgabenListe to set
> */
> public void setAufgabenListe(Set<Aufgabe> aufgabenListe) {
> this.aufgabenListe = aufgabenListe;
> }
>
> /**
> * @return the unteraufgabenListe
> */
> public Set<Unteraufgabe> getUnteraufgabenListe() {
> return unteraufgabenListe;
> }
>
> /**
> * @param unteraufgabenListe
> * the unteraufgabenListe to set
> */
> public void setUnteraufgabenListe(Set<Unteraufgabe>
> unteraufgabenListe) {
> this.unteraufgabenListe = unteraufgabenListe;
> }
>
> public String getPassword() {
> return password;
> }
>
> /**
> * @param password
> * the password to set
> */
> public void setPassword(String password) {
>
> // Create a random salt value
> RandomNumberGenerator rng = new SecureRandomNumberGenerator();
> ByteSource salt = rng.nextBytes(128);
> // Set passwordSalt as a string to store in the DB
> setPasswordSalt(salt.toBase64());
> // Create the salted hashed password
> Sha256Hash sha256Hash = new Sha256Hash(password, salt, 1024);
> // Convert to a string for storing in DB
> String hashedPasswordBase64 = sha256Hash.toBase64();
> setPasswordHash(hashedPasswordBase64);
> // Set the password to the text version so it can be used
> // for Shiro authentication
> this.password = password;
>
> // try {
> // this.password = Encrypt.MD5(password);
> // } catch (NoSuchAlgorithmException e) {
> // e.printStackTrace();
> // this.password = password;
> // } catch (UnsupportedEncodingException e) {
> // e.printStackTrace();
> // this.password = password;
> // }
> }
>
> /**
> * @param username
> * the username to set
> */
> public void setUsername(String username) {
> this.username = username;
> }
>
> public String getUsername() {
> return username;
> }
>
> /**
> * @return the role
> */
> public Systemrole getRole() {
> return role;
> }
>
> /**
> * @param role
> * the role to set
> */
> public void setRole(Systemrole role) {
> this.role = role;
> }
>
> /**
> * @return the passwordSalt
> */
> public String getPasswordSalt() {
> return passwordSalt;
> }
>
> /**
> * @param passwordSalt
> * the passwordSalt to set
> */
> public void setPasswordSalt(String passwordSalt) {
> this.passwordSalt = passwordSalt;
> }
>
> /**
> * @return the passwordHash
> */
> public String getPasswordHash() {
> return passwordHash;
> }
>
> /**
> * @param passwordHash
> * the passwordHash to set
> */
> public void setPasswordHash(String passwordHash) {
> this.passwordHash = passwordHash;
> }
>
> }
>
>
>
>
>> <dependency>
>> <groupId>org.tynamo</groupId>
>> <artifactId>tapestry-security</artifactId>
>> <version>0.5.1</version>
>> <exclusions>
>> <exclusion>
>> <groupId>org.apache.tapestry</groupId>
>> <artifactId>tapestry-ioc</artifactId>
>> </exclusion>
>> </exclusions>
>> </dependency>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Securing page with Tapestry
Posted by "Will N." <ll...@yahoo.fr>.
Hi David,
actually, i do not come so far because the error occurs while the
application is starting. So It does not get to the point where the
services are printed.
[INFO] ioc.RegistryBuilder Adding module definition for class
org.apache.tapestry5.ioc.services.TapestryIOCModule
[INFO] ioc.RegistryBuilder Adding module definition for class
org.apache.tapestry5.hibernate.HibernateCoreModule
[INFO] ioc.RegistryBuilder Adding module definition for class
org.apache.tapestry5.json.services.JSONModule
[INFO] ioc.RegistryBuilder Adding module definition for class
org.apache.tapestry5.yuicompressor.services.YuiCompressorModule
[INFO] ioc.RegistryBuilder Adding module definition for class
org.apache.tapestry5.services.TapestryModule
[INFO] ioc.RegistryBuilder Adding module definition for class
org.apache.tapestry5.internal.services.InternalModule
[INFO] ioc.RegistryBuilder Adding module definition for class
org.apache.tapestry5.services.assets.AssetsModule
[INFO] ioc.RegistryBuilder Adding module definition for class
org.apache.tapestry5.services.pageload.PageLoadModule
[INFO] ioc.RegistryBuilder Adding module definition for class
com.example.pms.services.PmsModule
[INFO] ioc.RegistryBuilder Adding module definition for class
com.example.pms.services.DevelopmentModule
2013-08-09 15:00:08.583:WARN::failed pms:
java.lang.IllegalArgumentException: Contribution
com.example.pms.services.PmsModule.contributeWebSecurityManager(Configuration,
Session) (at PmsModule.java:195) is for service 'WebSecurityManager',
which does not exist.
2013-08-09 15:00:08.583:WARN::Failed startup of context
org.mortbay.jetty.webapp.WebAppContext@9a0d40{/pms,C:\Users\xxx\tapestry\pms\src\main\webapp}
java.lang.IllegalArgumentException: Contribution
com.example.pms.services.PmsModule.contributeWebSecurityManager(Configuration,
Session) (at PmsModule.java:195) is for service 'WebSecurityManager',
which does not exist.
at
org.apache.tapestry5.ioc.internal.RegistryImpl.validateContributeDefs(RegistryImpl.java:241)
at
org.apache.tapestry5.ioc.internal.RegistryImpl.<init>(RegistryImpl.java:205)
at
org.apache.tapestry5.ioc.RegistryBuilder.build(RegistryBuilder.java:177)
at
org.apache.tapestry5.internal.TapestryAppInitializer.createRegistry(TapestryAppInitializer.java:200)
at org.apache.tapestry5.TapestryFilter.init(TapestryFilter.java:109)
at org.mortbay.jetty.servlet.FilterHolder.doStart(FilterHolder.java:97)
at
org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
at
org.mortbay.jetty.servlet.ServletHandler.initialize(ServletHandler.java:713)
at org.mortbay.jetty.servlet.Context.startContext(Context.java:140)
at
org.mortbay.jetty.webapp.WebAppContext.startContext(WebAppContext.java:1282)
at
org.mortbay.jetty.handler.ContextHandler.doStart(ContextHandler.java:518)
at
org.mortbay.jetty.webapp.WebAppContext.doStart(WebAppContext.java:499)
at
org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
at
org.mortbay.jetty.handler.HandlerWrapper.doStart(HandlerWrapper.java:130)
at org.mortbay.jetty.Server.doStart(Server.java:224)
at
org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
at runjettyrun.Bootstrap.main(Bootstrap.java:97)
2013-08-09 15:00:08.614:INFO::Started SelectChannelConnector@0.0.0.0:8080
Am 09.08.2013 13:56, schrieb D.R.:
public class PmsModule {
public static void bind(ServiceBinder binder) {
// // binder.bind(MyServiceInterface.class, MyServiceImpl.class);
//
// // Make bind() calls on the binder object to define most IoC
// services.
// // Use service builder methods (example below) when the
// implementation
// // is provided inline, or requires more initialization than
simply
// // invoking the constructor.
binder.bind(ArbeitspaketDao.class, ArbeitspaketDaoImpl.class);
binder.bind(AufgabeDao.class, AufgabeDaoImpl.class);
binder.bind(BasicDao.class, BasicDaoImpl.class);
binder.bind(FunktionDao.class, FunktionDaoImpl.class);
// binder.bind(GrantedAuthorityBeanDao.class,
// GrantedAuthorityBeanDaoImpl.class);
binder.bind(MitarbeiterDao.class, MitarbeiterDaoImpl.class);
binder.bind(MitarbeiterProjektDao.class,
MitarbeiterProjektDaoImpl.class);
binder.bind(ModulDao.class, ModulDaoImpl.class);
binder.bind(PersonMonatDao.class, PersonMonatDaoImpl.class);
binder.bind(UserDataDao.class, UserDataDaoImpl.class);
binder.bind(ProjektDao.class, ProjektDaoImpl.class);
binder.bind(UnteraufgabeDao.class, UnteraufgabeDaoImpl.class);
binder.bind(UnterunteraufgabeDao.class,
UnterunteraufgabeDaoImpl.class);
binder.bind(PrivillegesDao.class, PrivillegesDaoImpl.class);
binder.bind(AuthenticatorInterface.class, AuthenticatorImp.class);
//
}
public static void contributeFactoryDefaults(
MappedConfiguration<String, Object> configuration) {
// The application version number is incorprated into URLs for some
// assets. Web browsers will cache assets because of the far future
// expires
// header. If existing assets are changed, the version number
should
// also
// change, to force the browser to download new versions. This
overrides
// Tapesty's default
// (a random hexadecimal number), but may be further overriden by
// DevelopmentModule or
// QaModule.
configuration.override(SymbolConstants.APPLICATION_VERSION,
"1.0-SNAPSHOT");
}
public static void contributeApplicationDefaults(
MappedConfiguration<String, Object> configuration) {
// Contributions to ApplicationDefaults will override any
contributions
// to
// FactoryDefaults (with the same key). Here we're restricting the
// supported
// locales to just "en" (English). As you add localised message
catalogs
// and other assets,
// you can extend this list of locales (it's a comma separated
series of
// locale names;
// the first locale name is the default when there's no reasonable
// match).
// configuration.add(SymbolConstants.SUPPORTED_LOCALES, "en");
configuration.add(SymbolConstants.SUPPORTED_LOCALES, "de");
configuration.add(SymbolConstants.COMPRESS_WHITESPACE, "true");
}
/**
* This is a service definition, the service will be named
"TimingFilter".
* The interface, RequestFilter, is used within the RequestHandler
service
* pipeline, which is built from the RequestHandler service
configuration.
* Tapestry IoC is responsible for passing in an appropriate Logger
* instance. Requests for static resources are handled at a higher
level, so
* this filter will only be invoked for Tapestry related requests.
* <p/>
* <p/>
* Service builder methods are useful when the implementation is
inline as
* an inner class (as here) or require some other kind of special
* initialization. In most cases, use the static bind() method instead.
* <p/>
* <p/>
* If this method was named "build", then the service id would be
taken from
* the service interface and would be "RequestFilter". Since Tapestry
* already defines a service named "RequestFilter" we use an explicit
* service id that we can reference inside the contribution method.
*/
public RequestFilter buildTimingFilter(final Logger log) {
return new RequestFilter() {
public boolean service(Request request, Response response,
RequestHandler handler) throws IOException {
long startTime = System.currentTimeMillis();
try {
// The responsibility of a filter is to invoke the
// corresponding method
// in the handler. When you chain multiple filters
together,
// each filter
// received a handler that is a bridge to the next
filter.
return handler.service(request, response);
} finally {
long elapsed = System.currentTimeMillis() - startTime;
log.info(String.format("Request time: %d ms",
elapsed));
}
}
};
}
/**
* This is a contribution to the RequestHandler service
configuration. This
* is how we extend Tapestry using the timing filter. A common use
for this
* kind of filter is transaction management or security. The @Local
* annotation selects the desired service by type, but only from
the same
* module. Without @Local, there would be an error due to the other
* service(s) that implement RequestFilter (defined in other modules).
*/
public void contributeRequestHandler(
OrderedConfiguration<RequestFilter> configuration,
@Local RequestFilter filter) {
// Each contribution to an ordered configuration has a name, When
// necessary, you may
// set constraints to precisely control the invocation order of the
// contributed filter
// within the pipeline.
configuration.add("Timing", filter);
}
@SuppressWarnings("unchecked")
public static void contributeComponentRequestHandler(
OrderedConfiguration configuration) {
configuration.addInstance("RequiresLogin",
RequiresLoginFilter.class);
configuration.addInstance("RequiresRole",
RequiresRolesFilter.class);
}
public static void
contributeWebSecurityManager(Configuration<Realm> configuration, Session
session) {
EntityRealm realm = new EntityRealm(session);
HashedCredentialsMatcher hcm = new
HashedCredentialsMatcher("SHA-256");
hcm.setHashIterations(1024);
hcm.setStoredCredentialsHexEncoded(false);
realm.setCredentialsMatcher(hcm);
configuration.add((Realm) realm);
}
package com.example.pms.entities;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.persistence.CascadeType;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.FetchType;
import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
import javax.persistence.Id;
import javax.persistence.JoinColumn;
import javax.persistence.JoinTable;
import javax.persistence.ManyToMany;
import javax.persistence.OneToMany;
import javax.persistence.Table;
import javax.persistence.Transient;
import org.apache.shiro.crypto.RandomNumberGenerator;
import org.apache.shiro.crypto.SecureRandomNumberGenerator;
import org.apache.shiro.crypto.hash.Sha256Hash;
import org.apache.shiro.util.ByteSource;
import org.apache.tapestry5.beaneditor.DataType;
import org.apache.tapestry5.beaneditor.NonVisual;
import org.apache.tapestry5.beaneditor.Validate;
import org.hibernate.Session;
import com.example.pms.Dao.impl.AufgabeDaoImpl;
import com.example.pms.Dao.impl.MitarbeiterDaoImpl;
import com.example.pms.Dao.impl.UnteraufgabeDaoImpl;
import com.example.pms.data.Systemrole;
import com.example.pms.data.Titel;
@Entity
@Table(name = "MITARBEITER")
public class Mitarbeiter {
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
@NonVisual
@Column(name = "ID")
public int id;
@Column(name = "titel")
public Titel titel;
@Column(name = "mitarbeitername", nullable = false)
@Validate("required")
public String name;
@Column(name = "vorname", nullable = false)
@Validate("Required")
public String vorname;
@NonVisual
@Column(name = "systemrole", nullable = false)
@Validate("Required")
public Systemrole role;
private boolean enabled = true;
@Transient
@DataType("password")
private String password;
@NonVisual
private String passwordSalt;
@NonVisual
private String passwordHash;
private String username;
@Column(name = "email", nullable = false)
@Validate("Required, regexp")
public String email;
@Column(name = "initialen", nullable = false, unique = true)
@Validate("Required")
public String initialen;
@OneToMany(mappedBy = "projektleiter")
private Set<Projekt> projektListe;
// Beziehung zur Funktion
@OneToMany(mappedBy = "verantwortlicher", cascade = {
CascadeType.REMOVE })
private Set<Funktion> funktion;
// Beziehung zur Funktion
@OneToMany(mappedBy = "verantwortlicher", cascade = {
CascadeType.REMOVE })
private Set<Arbeitspaket> arbeitspaket;
// Beziehung zum Projekt
@OneToMany(mappedBy = "mitarbeiter")
private Set<Mitarbeiterprojekt> mitarbeiterprojekt;
@ManyToMany(cascade = { CascadeType.ALL }, fetch = FetchType.EAGER)
@JoinTable(name = "MITARBEITER_AUFGABE", joinColumns = {
@JoinColumn(name = "MITARBEITER_ID") }, inverseJoinColumns = {
@JoinColumn(name = "AUFGABE_ID") })
private Set<Aufgabe> aufgabenListe;
@ManyToMany(cascade = { CascadeType.ALL }, fetch = FetchType.EAGER)
@JoinTable(name = "MITARBEITER_UNTERAUFGABE", joinColumns = {
@JoinColumn(name = "MITARBEITER_ID") }, inverseJoinColumns = {
@JoinColumn(name = "UNTERAUFGABE_ID") })
private Set<Unteraufgabe> unteraufgabenListe;
@OneToMany(mappedBy = "verantwortlicher", cascade = {
CascadeType.REMOVE }, fetch = FetchType.EAGER)
// fetch=FetchType.EAGER
private Set<Unterunteraufgabe> unterunteraufgabenListe;
/**
* @return the enabled
*/
public boolean isEnabled() {
return enabled;
}
/**
* @param enabled
* the enabled to set
*/
public void setEnabled(boolean enabled) {
this.enabled = enabled;
}
/**
* @param id
* UnteraufgabeID
* @param session
* @param unteraufgabeDao
* @param mitarbeiterDao
*/
public void removeUnteraufgabe(int id, Session session,
UnteraufgabeDaoImpl<Unteraufgabe> unteraufgabeDao,
MitarbeiterDaoImpl<Mitarbeiter> mitarbeiterDao) {
System.out.println(unteraufgabeDao
.countUnterunteraufgabenByMitarbeiterID(id, this.getId()));
if (unteraufgabeDao.countUnterunteraufgabenByMitarbeiterID(id, this
.getId()) == 1
||
unteraufgabeDao.findById(id).getUnterunteraufgabenListe()
.size() == 0) {
Iterator<Unteraufgabe> iterator = this.getUnteraufgabenListe()
.iterator();
while (iterator.hasNext()) {
Unteraufgabe unteraufgabe = iterator.next();
if (unteraufgabe.getId() == id) {
System.out.println(this.getUnteraufgabenListe().remove(
unteraufgabe));
}
}
mitarbeiterDao.save(this);
}
}
/**
* @param unteraufgabe
* @param session
* @param mitarbeiterDao
*/
public void addUnteraufgabe(Unteraufgabe unteraufgabe, Session session,
MitarbeiterDaoImpl<Mitarbeiter> mitarbeiterDao) {
// Unteraufgabe u = unteraufgabeDao.findById(id);
this.getUnteraufgabenListe().add(unteraufgabe);
mitarbeiterDao.save(this);
}
/**
* @param id
* AufgabeID
* @param session
* @param aufgabeDao
* @param mitarbeiterDao
*/
public void removeAufgabe(int id, Session session,
AufgabeDaoImpl<Aufgabe> aufgabeDao,
MitarbeiterDaoImpl<Mitarbeiter> mitarbeiterDao) {
System.out.println("aufgabe ");
System.out.println(aufgabeDao.countUnteraufgabenByMitarbeiterID(id,
this.getId()));
boolean found = false;
Aufgabe aufgabe;
if (aufgabeDao.countUnteraufgabenByMitarbeiterID(id,
this.getId()) == 0
||
aufgabeDao.findById(id).getUnteraufgabenListe().size() == 0) {
Iterator<Aufgabe> iterator =
this.getAufgabenListe().iterator();
while (iterator.hasNext() && !found) {
aufgabe = iterator.next();
if (aufgabe.getId() == id) {
found = this.getAufgabenListe().remove(aufgabe);
}
}
mitarbeiterDao.save(this);
}
}
/**
* @param unteraufgabe
* @param session
* @param mitarbeiterDao
*/
public void addAufgabe(Aufgabe aufgabe, Session session,
MitarbeiterDaoImpl<Mitarbeiter> mitarbeiterDao) {
// Unteraufgabe u = unteraufgabeDao.findById(id);
this.getAufgabenListe().add(aufgabe);
mitarbeiterDao.save(this);
}
public Set<Projekt> getProjekte(Set<Projekt> projekte) {
Set<Projekt> liste = new HashSet<Projekt>();
for (Projekt pro : projekte) {
Set<Mitarbeiter> projektMitarbeiter =
pro.getMitarbeiterListe();
for (Mitarbeiter mit : projektMitarbeiter) {
if (mit.getId() == this.getId())
liste.add(pro);
}
}
return liste;
}
/**
* @return the id
*/
public int getId() {
return id;
}
/**
* @param id
* the id to set
*/
public void setId(int id) {
this.id = id;
}
/**
* @return the titel
*/
public Titel getTitel() {
return titel;
}
/**
* @param titel
* the titel to set
*/
public void setTitel(Titel titel) {
this.titel = titel;
}
/**
* @return the name
*/
public String getName() {
return name;
}
/**
* @param name
* the name to set
*/
public void setName(String name) {
this.name = name;
}
/**
* @return the vorname
*/
public String getVorname() {
return vorname;
}
/**
* @param vorname
* the vorname to set
*/
public void setVorname(String vorname) {
this.vorname = vorname;
}
/**
* @return the initialen
*/
public String getInitialen() {
return initialen;
}
/**
* @param initialen
* the initialen to set
*/
public void setInitialen(String initialen) {
this.initialen = initialen;
}
/**
* @return the email
*/
public String getEmail() {
return email;
}
/**
* @param email
* the email to set
*/
public void setEmail(String email) {
this.email = email;
}
/**
* @return the projekt
*/
public Set<Projekt> getProjektListe() {
return projektListe;
}
/**
* @param projekt
* the projekt to set
*/
public void setProjektListe(Set<Projekt> projektListe) {
this.projektListe = projektListe;
}
/**
* @return the funktion
*/
public Set<Funktion> getFunktion() {
return funktion;
}
/**
* @param funktion
* the funktion to set
*/
public void setFunktion(Set<Funktion> funktion) {
this.funktion = funktion;
}
/**
* @return the arbeitspaket
*/
public Set<Arbeitspaket> getArbeitspaket() {
return arbeitspaket;
}
/**
* @param arbeitspaket
* the arbeitspaket to set
*/
public void setArbeitspaket(Set<Arbeitspaket> arbeitspaket) {
this.arbeitspaket = arbeitspaket;
}
/**
* @return the mitarbeiterprojekt
*/
public Set<Mitarbeiterprojekt> getMitarbeiterprojekt() {
return mitarbeiterprojekt;
}
/**
* @param mitarbeiterprojekt
* the mitarbeiterprojekt to set
*/
public void setMitarbeiterprojekt(Set<Mitarbeiterprojekt>
mitarbeiterprojekt) {
this.mitarbeiterprojekt = mitarbeiterprojekt;
}
/**
* @return the rolle
*/
public Systemrole getSystemrole() {
return role;
}
/**
* @param role
* the role to set
*/
public void setSystemole(Systemrole role) {
this.role = role;
}
/**
* @return the unterunteraufgabe
*/
public Set<Unterunteraufgabe> getUnterunteraufgabenListe() {
return unterunteraufgabenListe;
}
/**
* @param unterunteraufgabe
* the unterunteraufgabe to set
*/
public void setUnterunteraufgabenListe(
Set<Unterunteraufgabe> unterunteraufgabe) {
this.unterunteraufgabenListe = unterunteraufgabe;
}
/**
* @return the aufgabenListe
*/
public Set<Aufgabe> getAufgabenListe() {
return aufgabenListe;
}
/**
* @param aufgabenListe
* the aufgabenListe to set
*/
public void setAufgabenListe(Set<Aufgabe> aufgabenListe) {
this.aufgabenListe = aufgabenListe;
}
/**
* @return the unteraufgabenListe
*/
public Set<Unteraufgabe> getUnteraufgabenListe() {
return unteraufgabenListe;
}
/**
* @param unteraufgabenListe
* the unteraufgabenListe to set
*/
public void setUnteraufgabenListe(Set<Unteraufgabe>
unteraufgabenListe) {
this.unteraufgabenListe = unteraufgabenListe;
}
public String getPassword() {
return password;
}
/**
* @param password
* the password to set
*/
public void setPassword(String password) {
// Create a random salt value
RandomNumberGenerator rng = new SecureRandomNumberGenerator();
ByteSource salt = rng.nextBytes(128);
// Set passwordSalt as a string to store in the DB
setPasswordSalt(salt.toBase64());
// Create the salted hashed password
Sha256Hash sha256Hash = new Sha256Hash(password, salt, 1024);
// Convert to a string for storing in DB
String hashedPasswordBase64 = sha256Hash.toBase64();
setPasswordHash(hashedPasswordBase64);
// Set the password to the text version so it can be used
// for Shiro authentication
this.password = password;
// try {
// this.password = Encrypt.MD5(password);
// } catch (NoSuchAlgorithmException e) {
// e.printStackTrace();
// this.password = password;
// } catch (UnsupportedEncodingException e) {
// e.printStackTrace();
// this.password = password;
// }
}
/**
* @param username
* the username to set
*/
public void setUsername(String username) {
this.username = username;
}
public String getUsername() {
return username;
}
/**
* @return the role
*/
public Systemrole getRole() {
return role;
}
/**
* @param role
* the role to set
*/
public void setRole(Systemrole role) {
this.role = role;
}
/**
* @return the passwordSalt
*/
public String getPasswordSalt() {
return passwordSalt;
}
/**
* @param passwordSalt
* the passwordSalt to set
*/
public void setPasswordSalt(String passwordSalt) {
this.passwordSalt = passwordSalt;
}
/**
* @return the passwordHash
*/
public String getPasswordHash() {
return passwordHash;
}
/**
* @param passwordHash
* the passwordHash to set
*/
public void setPasswordHash(String passwordHash) {
this.passwordHash = passwordHash;
}
}
> <dependency>
> <groupId>org.tynamo</groupId>
> <artifactId>tapestry-security</artifactId>
> <version>0.5.1</version>
> <exclusions>
> <exclusion>
> <groupId>org.apache.tapestry</groupId>
> <artifactId>tapestry-ioc</artifactId>
> </exclusion>
> </exclusions>
> </dependency>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Securing page with Tapestry
Posted by "D.R." <d....@googlemail.com>.
Hi Will,
provide some code pls. Is this the full stacktrace?
Do you see the service definition in the startup log, like this?
[INFO] tapestry5.TapestryFilter Startup status:
Services:
...
WebSecurityManager: DEFINED
In addition i had to exclude t5-ioc as the versions did not match:
<dependency>
<groupId>org.tynamo</groupId>
<artifactId>tapestry-security</artifactId>
<version>0.5.1</version>
<exclusions>
<exclusion>
<groupId>org.apache.tapestry</groupId>
<artifactId>tapestry-ioc</artifactId>
</exclusion>
</exclusions>
</dependency>
With kind regards
David
Am 09.08.2013 12:07, schrieb Will N.:
> Hi,
> this is what i got when i follow the instructions in the mentioned
> tutorial.
>
> 2013-08-09 11:57:05.504:WARN::failed pms:
> java.lang.IllegalArgumentException: Contribution
> com.example.pms.services.PmsModule.contributeWebSecurityManager(Configuration,
> Session) (at PmsModule.java:193) is for service 'interface
> org.apache.shiro.web.mgt.WebSecurityManager' qualified with marker
> annotations [], which does not exist.
> 2013-08-09 11:57:05.504:WARN::Failed startup of context
> org.mortbay.jetty.webapp.WebAppContext@1b77bbb{/pms,C:\Users\xxx\tapestry\pms\src\main\webapp}
> java.lang.IllegalArgumentException: Contribution
> com.example.pms.services.PmsModule.contributeWebSecurityManager(Configuration,
> Session) (at PmsModule.java:193) is for service 'interface
> org.apache.shiro.web.mgt.WebSecurityManager' qualified with marker
> annotations [], which does not exist.
> at
> org.apache.tapestry5.ioc.internal.RegistryImpl.validateContributeDefs(RegistryImpl.java:246)
> at
> org.apache.tapestry5.ioc.internal.RegistryImpl.<init>(RegistryImpl.java:205)
> at
> org.apache.tapestry5.ioc.RegistryBuilder.build(RegistryBuilder.java:177)
> at
> org.apache.tapestry5.internal.TapestryAppInitializer.createRegistry(TapestryAppInitializer.java:200)
> at org.apache.tapestry5.TapestryFilter.init(TapestryFilter.java:109)
> at
> org.mortbay.jetty.servlet.FilterHolder.doStart(FilterHolder.java:97)
> at
> org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
> at
> org.mortbay.jetty.servlet.ServletHandler.initialize(ServletHandler.java:713)
> at org.mortbay.jetty.servlet.Context.startContext(Context.java:140)
> at
> org.mortbay.jetty.webapp.WebAppContext.startContext(WebAppContext.java:1282)
> at
> org.mortbay.jetty.handler.ContextHandler.doStart(ContextHandler.java:518)
> at
> org.mortbay.jetty.webapp.WebAppContext.doStart(WebAppContext.java:499)
> at
> org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
> at
> org.mortbay.jetty.handler.HandlerWrapper.doStart(HandlerWrapper.java:130)
> at org.mortbay.jetty.Server.doStart(Server.java:224)
> at
> org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
> at runjettyrun.Bootstrap.main(Bootstrap.java:97)
> 2013-08-09 11:57:05.534:INFO::Started SelectChannelConnector@0.0.0.0:8080
>
>
>
> Am 07.08.2013 13:20, schrieb D.R.:
>> Hi,
>>
>> i also want to suggest tynamo tapestry-security.
>>
>> As a quickstart is missing, i recommend this post:
>> http://comments.gmane.org/gmane.comp.java.tynamo.user/287
>>
>> With the instructions given there, you can quickly setup
>> tapestry-security and use this as a starting point.
>>
>>
>> With kind regards
>> David
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Securing page with Tapestry
Posted by "Will N." <ll...@yahoo.fr>.
Hi,
this is what i got when i follow the instructions in the mentioned tutorial.
2013-08-09 11:57:05.504:WARN::failed pms:
java.lang.IllegalArgumentException: Contribution
com.example.pms.services.PmsModule.contributeWebSecurityManager(Configuration,
Session) (at PmsModule.java:193) is for service 'interface
org.apache.shiro.web.mgt.WebSecurityManager' qualified with marker
annotations [], which does not exist.
2013-08-09 11:57:05.504:WARN::Failed startup of context
org.mortbay.jetty.webapp.WebAppContext@1b77bbb{/pms,C:\Users\xxx\tapestry\pms\src\main\webapp}
java.lang.IllegalArgumentException: Contribution
com.example.pms.services.PmsModule.contributeWebSecurityManager(Configuration,
Session) (at PmsModule.java:193) is for service 'interface
org.apache.shiro.web.mgt.WebSecurityManager' qualified with marker
annotations [], which does not exist.
at
org.apache.tapestry5.ioc.internal.RegistryImpl.validateContributeDefs(RegistryImpl.java:246)
at
org.apache.tapestry5.ioc.internal.RegistryImpl.<init>(RegistryImpl.java:205)
at
org.apache.tapestry5.ioc.RegistryBuilder.build(RegistryBuilder.java:177)
at
org.apache.tapestry5.internal.TapestryAppInitializer.createRegistry(TapestryAppInitializer.java:200)
at org.apache.tapestry5.TapestryFilter.init(TapestryFilter.java:109)
at org.mortbay.jetty.servlet.FilterHolder.doStart(FilterHolder.java:97)
at
org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
at
org.mortbay.jetty.servlet.ServletHandler.initialize(ServletHandler.java:713)
at org.mortbay.jetty.servlet.Context.startContext(Context.java:140)
at
org.mortbay.jetty.webapp.WebAppContext.startContext(WebAppContext.java:1282)
at
org.mortbay.jetty.handler.ContextHandler.doStart(ContextHandler.java:518)
at
org.mortbay.jetty.webapp.WebAppContext.doStart(WebAppContext.java:499)
at
org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
at
org.mortbay.jetty.handler.HandlerWrapper.doStart(HandlerWrapper.java:130)
at org.mortbay.jetty.Server.doStart(Server.java:224)
at
org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
at runjettyrun.Bootstrap.main(Bootstrap.java:97)
2013-08-09 11:57:05.534:INFO::Started SelectChannelConnector@0.0.0.0:8080
Am 07.08.2013 13:20, schrieb D.R.:
> Hi,
>
> i also want to suggest tynamo tapestry-security.
>
> As a quickstart is missing, i recommend this post:
> http://comments.gmane.org/gmane.comp.java.tynamo.user/287
>
> With the instructions given there, you can quickly setup
> tapestry-security and use this as a starting point.
>
>
> With kind regards
> David
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Securing page with Tapestry
Posted by "D.R." <d....@googlemail.com>.
Hi,
i also want to suggest tynamo tapestry-security.
As a quickstart is missing, i recommend this post:
http://comments.gmane.org/gmane.comp.java.tynamo.user/287
With the instructions given there, you can quickly setup
tapestry-security and use this as a starting point.
With kind regards
David
Am 06.08.2013 16:46, schrieb Lenny Primak:
> Wy don't you use the wonderful tynamo tapestry-security library.
> It works great out of the box and easy to integrate.
>
> On Aug 6, 2013, at 3:10 AM, "Will N." <ll...@yahoo.fr> wrote:
>
>> Hi,
>> I am trying secure some pages of my application as shown in this tutorial. http://tapestryjava.blogspot.co.uk/search/label/security
>> But I am having following error message when I start the application.
>> Since the RequiresLoginFilte class implements the ComponentRequestFilter interface, I am confused about the coertion error!
>>
>>
>> [ERROR] ioc.Registry Error invoking service contribution method com.example.pms.services.PmsModule.contributeComponentRequestHandler(OrderedConfiguration): Could not find a coercion from type com.example.pms.services.RequiresLoginFilter to type org.apache.tapestry5.services.ComponentRequestFilter.
>> [ERROR] ioc.Registry Operations trace:
>> [ERROR] ioc.Registry [ 1] Realizing service ComponentRequestHandler
>> [ERROR] ioc.Registry [ 2] Instantiating service ComponentRequestHandler implementation via org.apache.tapestry5.services.TapestryModule.buildComponentRequestHandler(List, ComponentRequestHandlerTerminator, Logger) (at TapestryModule.java:2690)
>> [ERROR] ioc.Registry [ 3] Creating plan to invoke public org.apache.tapestry5.services.ComponentRequestHandler org.apache.tapestry5.services.TapestryModule.buildComponentRequestHandler(java.util.List,org.apache.tapestry5.internal.services.ComponentRequestHandlerTerminator,org.slf4j.Logger)
>> [ERROR] ioc.Registry [ 4] Determining injection value for parameter #1 (java.util.List)
>> [ERROR] ioc.Registry [ 5] Collecting ordered configuration for service ComponentRequestHandler
>> [ERROR] ioc.Registry [ 6] Invoking com.example.pms.services.PmsModule.contributeComponentRequestHandler(OrderedConfiguration) (at PmsModule.java:146)
>> [ERROR] TapestryModule.ComponentRequestHandler Construction of service ComponentRequestHandler failed: Error invoking service contribution method com.example.pms.services.PmsModule.contributeComponentRequestHandler(OrderedConfiguration): Could not find a coercion from type com.example.pms.services.RequiresLoginFilter to type org.apache.tapestry5.services.ComponentRequestFilter.
>> org.apache.tapestry5.ioc.internal.OperationException: Error invoking service contribution method com.example.pms.services.PmsModule.contributeComponentRequestHandler(OrderedConfiguration): Could not find a coercion from type com.example.pms.services.RequiresLoginFilter to type org.apache.tapestry5.services.ComponentRequestFilter.
>> at org.apache.tapestry5.ioc.internal.OperationTrackerImpl.logAndRethrow(OperationTrackerImpl.java:121)
>> at org.apache.tapestry5.ioc.internal.OperationTrackerImpl.invoke(OperationTrackerImpl.java:88)
>> at org.apache.tapestry5.ioc.internal.OperationTrackerImpl.run(OperationTrackerImpl.java:47)
>> at org.apache.tapestry5.ioc.internal.PerThreadOperationTracker.run(PerThreadOperationTracker.java:76)
>> at org.apache.tapestry5.ioc.internal.RegistryImpl.addToOrderedConfiguration(RegistryImpl.java:629)
>> at org.apache.tapestry5.ioc.internal.RegistryImpl.getOrderedConfiguration(RegistryImpl.java:483)
>> at org.apache.tapestry5.ioc.internal.ServiceResourcesImpl$2.invoke(ServiceResourcesImpl.java:110)...
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>> For additional commands, e-mail: users-help@tapestry.apache.org
>>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Securing page with Tapestry
Posted by Lenny Primak <lp...@hope.nyc.ny.us>.
Wy don't you use the wonderful tynamo tapestry-security library.
It works great out of the box and easy to integrate.
On Aug 6, 2013, at 3:10 AM, "Will N." <ll...@yahoo.fr> wrote:
> Hi,
> I am trying secure some pages of my application as shown in this tutorial. http://tapestryjava.blogspot.co.uk/search/label/security
> But I am having following error message when I start the application.
> Since the RequiresLoginFilte class implements the ComponentRequestFilter interface, I am confused about the coertion error!
>
>
> [ERROR] ioc.Registry Error invoking service contribution method com.example.pms.services.PmsModule.contributeComponentRequestHandler(OrderedConfiguration): Could not find a coercion from type com.example.pms.services.RequiresLoginFilter to type org.apache.tapestry5.services.ComponentRequestFilter.
> [ERROR] ioc.Registry Operations trace:
> [ERROR] ioc.Registry [ 1] Realizing service ComponentRequestHandler
> [ERROR] ioc.Registry [ 2] Instantiating service ComponentRequestHandler implementation via org.apache.tapestry5.services.TapestryModule.buildComponentRequestHandler(List, ComponentRequestHandlerTerminator, Logger) (at TapestryModule.java:2690)
> [ERROR] ioc.Registry [ 3] Creating plan to invoke public org.apache.tapestry5.services.ComponentRequestHandler org.apache.tapestry5.services.TapestryModule.buildComponentRequestHandler(java.util.List,org.apache.tapestry5.internal.services.ComponentRequestHandlerTerminator,org.slf4j.Logger)
> [ERROR] ioc.Registry [ 4] Determining injection value for parameter #1 (java.util.List)
> [ERROR] ioc.Registry [ 5] Collecting ordered configuration for service ComponentRequestHandler
> [ERROR] ioc.Registry [ 6] Invoking com.example.pms.services.PmsModule.contributeComponentRequestHandler(OrderedConfiguration) (at PmsModule.java:146)
> [ERROR] TapestryModule.ComponentRequestHandler Construction of service ComponentRequestHandler failed: Error invoking service contribution method com.example.pms.services.PmsModule.contributeComponentRequestHandler(OrderedConfiguration): Could not find a coercion from type com.example.pms.services.RequiresLoginFilter to type org.apache.tapestry5.services.ComponentRequestFilter.
> org.apache.tapestry5.ioc.internal.OperationException: Error invoking service contribution method com.example.pms.services.PmsModule.contributeComponentRequestHandler(OrderedConfiguration): Could not find a coercion from type com.example.pms.services.RequiresLoginFilter to type org.apache.tapestry5.services.ComponentRequestFilter.
> at org.apache.tapestry5.ioc.internal.OperationTrackerImpl.logAndRethrow(OperationTrackerImpl.java:121)
> at org.apache.tapestry5.ioc.internal.OperationTrackerImpl.invoke(OperationTrackerImpl.java:88)
> at org.apache.tapestry5.ioc.internal.OperationTrackerImpl.run(OperationTrackerImpl.java:47)
> at org.apache.tapestry5.ioc.internal.PerThreadOperationTracker.run(PerThreadOperationTracker.java:76)
> at org.apache.tapestry5.ioc.internal.RegistryImpl.addToOrderedConfiguration(RegistryImpl.java:629)
> at org.apache.tapestry5.ioc.internal.RegistryImpl.getOrderedConfiguration(RegistryImpl.java:483)
> at org.apache.tapestry5.ioc.internal.ServiceResourcesImpl$2.invoke(ServiceResourcesImpl.java:110)...
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Securing page with Tapestry
Posted by "Will N." <ll...@yahoo.fr>.
Hi,
I am trying secure some pages of my application as shown in this
tutorial. http://tapestryjava.blogspot.co.uk/search/label/security
But I am having following error message when I start the application.
Since the RequiresLoginFilte class implements the ComponentRequestFilter
interface, I am confused about the coertion error!
[ERROR] ioc.Registry Error invoking service contribution method
com.example.pms.services.PmsModule.contributeComponentRequestHandler(OrderedConfiguration):
Could not find a coercion from type
com.example.pms.services.RequiresLoginFilter to type
org.apache.tapestry5.services.ComponentRequestFilter.
[ERROR] ioc.Registry Operations trace:
[ERROR] ioc.Registry [ 1] Realizing service ComponentRequestHandler
[ERROR] ioc.Registry [ 2] Instantiating service ComponentRequestHandler
implementation via
org.apache.tapestry5.services.TapestryModule.buildComponentRequestHandler(List,
ComponentRequestHandlerTerminator, Logger) (at TapestryModule.java:2690)
[ERROR] ioc.Registry [ 3] Creating plan to invoke public
org.apache.tapestry5.services.ComponentRequestHandler
org.apache.tapestry5.services.TapestryModule.buildComponentRequestHandler(java.util.List,org.apache.tapestry5.internal.services.ComponentRequestHandlerTerminator,org.slf4j.Logger)
[ERROR] ioc.Registry [ 4] Determining injection value for parameter #1
(java.util.List)
[ERROR] ioc.Registry [ 5] Collecting ordered configuration for service
ComponentRequestHandler
[ERROR] ioc.Registry [ 6] Invoking
com.example.pms.services.PmsModule.contributeComponentRequestHandler(OrderedConfiguration)
(at PmsModule.java:146)
[ERROR] TapestryModule.ComponentRequestHandler Construction of service
ComponentRequestHandler failed: Error invoking service contribution
method
com.example.pms.services.PmsModule.contributeComponentRequestHandler(OrderedConfiguration):
Could not find a coercion from type
com.example.pms.services.RequiresLoginFilter to type
org.apache.tapestry5.services.ComponentRequestFilter.
org.apache.tapestry5.ioc.internal.OperationException: Error invoking
service contribution method
com.example.pms.services.PmsModule.contributeComponentRequestHandler(OrderedConfiguration):
Could not find a coercion from type
com.example.pms.services.RequiresLoginFilter to type
org.apache.tapestry5.services.ComponentRequestFilter.
at
org.apache.tapestry5.ioc.internal.OperationTrackerImpl.logAndRethrow(OperationTrackerImpl.java:121)
at
org.apache.tapestry5.ioc.internal.OperationTrackerImpl.invoke(OperationTrackerImpl.java:88)
at
org.apache.tapestry5.ioc.internal.OperationTrackerImpl.run(OperationTrackerImpl.java:47)
at
org.apache.tapestry5.ioc.internal.PerThreadOperationTracker.run(PerThreadOperationTracker.java:76)
at
org.apache.tapestry5.ioc.internal.RegistryImpl.addToOrderedConfiguration(RegistryImpl.java:629)
at
org.apache.tapestry5.ioc.internal.RegistryImpl.getOrderedConfiguration(RegistryImpl.java:483)
at
org.apache.tapestry5.ioc.internal.ServiceResourcesImpl$2.invoke(ServiceResourcesImpl.java:110)...
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Proposal for a new book: Mastering Apache Tapestry
Posted by Thiago H de Paula Figueiredo <th...@gmail.com>.
On Mon, 05 Aug 2013 19:10:57 -0300, Dimitris Zenios
<di...@gmail.com> wrote:
> I would love to see a book for tapestry-ioc,plastic only.And how it can
> integrate with other forms of application and compete with spring etc etc
This book has the intention of covering 100% of Tapestry-IoC and most of
Plastic, at least the parts relevant to show how to write class
transformations like the ones Tapestry does for @Inject, @Property, etc. I
like the idea of comparing Tapestry-IoC with Spring and other dependency
injection frameworks. :)
What other forms of application you're talking about? 'Integration' is a
word which is used with different meanings in different contexts and even
from different people. For example, if tapestry5-jquery just provided the
inclusion of jQuery, I wouldn't call it an integration. But it does
provide components and mixins that automates the use of some parts of
jQuery UI, so I call it an integration.
--
Thiago H. de Paula Figueiredo
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Proposal for a new book: Mastering Apache Tapestry
Posted by Dimitris Zenios <di...@gmail.com>.
I would love to see a book for tapestry-ioc,plastic only.And how it can
integrate with other forms of application and compete with spring etc etc
On Tue, Aug 6, 2013 at 12:20 AM, Thiago H de Paula Figueiredo <
thiagohp@gmail.com> wrote:
> On Mon, 05 Aug 2013 17:13:54 -0300, Thiago H de Paula Figueiredo <
> thiago@arsmachina.com.br> wrote:
>
> * I thought about a cookbook section, but I'm not sure what people would
>> find interesting.
>>
>> * You may suggest by asking questions about Tapestry or how to implement
>> something with it, even if it sounds preposterous.
>>
>
> For the two items above, I'd love to hear questions like "What part of
> Tapestry does X?" or "How can I implement X in Tapestry?", where X is not
> vague ('charts' vague, 'JFreeChart' non-vague) and the answer is not easily
> found when Googling it. I want to write a book that provides information
> not yet found elsewhere.
>
>
> --
> Thiago H. de Paula Figueiredo
>
> ------------------------------**------------------------------**---------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.**apache.org<us...@tapestry.apache.org>
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
Re: Proposal for a new book: Mastering Apache Tapestry
Posted by Thiago H de Paula Figueiredo <th...@gmail.com>.
On Mon, 05 Aug 2013 17:13:54 -0300, Thiago H de Paula Figueiredo
<th...@arsmachina.com.br> wrote:
> * I thought about a cookbook section, but I'm not sure what people would
> find interesting.
>
> * You may suggest by asking questions about Tapestry or how to implement
> something with it, even if it sounds preposterous.
For the two items above, I'd love to hear questions like "What part of
Tapestry does X?" or "How can I implement X in Tapestry?", where X is not
vague ('charts' vague, 'JFreeChart' non-vague) and the answer is not
easily found when Googling it. I want to write a book that provides
information not yet found elsewhere.
--
Thiago H. de Paula Figueiredo
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Proposal for a new book: Mastering Apache Tapestry
Posted by Arve Klev <ar...@gmail.com>.
I would like such a book, and hope that it will be based on the upcoming
Tapestry 5.4-version.
That way the book will be relevant regardless of Igor's book (witch I also
bought).
A good in-depth example of integration-testing would be nice.
Regards,
Arve Klev (arveklev@gmail.com)