You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tapestry.apache.org by James Carman <ja...@carmanconsulting.com> on 2006/06/07 14:47:11 UTC
Permissions Mapping...
All,
You guys are the experts. I have a design question. I am creating a
tapestry/acegi integration package (parts of it are already done). What I
need to figure out is how to decide what roles an in-coming request
requires? If it's a PageService request, I can check the page class for a
@RequiredRole annotation. If it's a DirectService request, I can check the
method for a @RequiredRole annotation. But, how do I do this in a general
way? Any ideas?
James
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
For additional commands, e-mail: dev-help@tapestry.apache.org
Re: Permissions Mapping...
Posted by Jesse Kuhnert <jk...@gmail.com>.
Hmm... Without knowing all of the details I'd say you'd have to do something
like:
-) Add your annotation enhancement worker to the hivemind configuration
point for annotation workers.
-) Based on the annotation values passed in, decide if you want to enhance
the class right there , or choose to delegate the work to a hivemind
service.
It sounds like you are going for delegation, so you'd need to look at some
of the other annotation or normal enhancement workser for reference on how
to add an injected field. (InjectObjectWorker sounds like a good candidate
for browsing no? )
-) I have no idea what your helper classes signature is like for what
input/output the methods have but then you'll need to look at the IComponent
or IPage/page listener interfaces to decide what makes the most sense for
your use case.
-) There are enhancement workers that handle the page event listeners
already, as well as tons that do the pageLoad stuff so that should handle
that right?
-) The Direct/any engine services are pretty damn easy to intercept now
because all of them call "triggerComponent" (or something like that) to
actually invoke a listener.
On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
>
> So, where would I put the logic to add a PageValidateListener to the page
> if
> it has a @Secure annotation? I plan on using
> EnhancementOperation.extendMethodImplementation(), but I don't know what
> signature to pass. I've got a special class that does validation based on
> @Secure annotations and I need to know how to hook it to my page.
>
> -----Original Message-----
> From: Jesse Kuhnert [mailto:jkuhnert@gmail.com]
> Sent: Wednesday, June 07, 2006 3:25 PM
> To: Tapestry development
> Subject: Re: Permissions Mapping...
>
> You're awesome!! Between hibernate and acegi you're filling in two of the
> biggest holes we've had. (beside maybe cleaning up the site and some
> documentation ..cough )
>
> On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> >
> > Well, hopefully Acegi support will be done soon. So, we can put that to
> > rest. :-)
> >
> > -----Original Message-----
> > From: Jesse Kuhnert [mailto:jkuhnert@gmail.com]
> > Sent: Wednesday, June 07, 2006 3:16 PM
> > To: Tapestry development
> > Subject: Re: Permissions Mapping...
> >
> > Glad I could be helpful :) The one added bonus of all the recent work
> > being
> > done in tapestry is that I feel pretty comforatable being able to
> > maintain/enhance the tapestry4 series now.
> >
> > Hopefully when 4.1 is done coming out we can all attack the
> bugs/features
> > that have been annoying everyone for so long.
> >
> > On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> > >
> > > Okay, great. As always, thanks for your help! :-)
> > >
> > >
> > > -----Original Message-----
> > > From: Jesse Kuhnert [mailto:jkuhnert@gmail.com]
> > > Sent: Wednesday, June 07, 2006 3:01 PM
> > > To: Tapestry development
> > > Subject: Re: Permissions Mapping...
> > >
> > > Tons of things contribute to the pageLoaded method..There's also my
> new
> > > Render chain that gets called after any component renders. (ie after
> > > renderComponent) . I would look at the pageLoaded method enhancers..I
> > > think
> > > anything dealing with injection/properties does this. (not in
> > annotations,
> > > in org.apache.tapestry.enahance)
> > >
> > > On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> > > >
> > > > I'm looking for something that implements/overrides a method, but
> > > doesn't
> > > > "claim" it.
> > > >
> > > > -----Original Message-----
> > > > From: Jesse Kuhnert [mailto:jkuhnert@gmail.com]
> > > > Sent: Wednesday, June 07, 2006 2:27 PM
> > > > To: Tapestry development
> > > > Subject: Re: Permissions Mapping...
> > > >
> > > > EventListener . Yeah I think there are some enchancers that run for
> it
> > > > (later, not in the annotation src though)... It's kind of up to you
> if
> > > you
> > > > need to enhance anything or not ;) (Personally I'd probably just use
> > the
> > > > annotations to provide a global cached sort of data lookup that some
> > > other
> > > > service could then use to do security stuff...Or somethin like that
> ;)
> > )
> > > >
> > > > On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> > > > >
> > > > > Which ones? I assume there are enhancers that take care of them,
> > too.
> > > > :-)
> > > > >
> > > > > -----Original Message-----
> > > > > From: Jesse Kuhnert [mailto:jkuhnert@gmail.com]
> > > > > Sent: Wednesday, June 07, 2006 2:18 PM
> > > > > To: Tapestry development
> > > > > Subject: Re: Permissions Mapping...
> > > > >
> > > > > I just added some method level annotations into tapestry4/trunk if
> > > that
> > > > > helps...
> > > > >
> > > > > On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> > > > > >
> > > > > > Howard,
> > > > > >
> > > > > > Cool idea and I was considering it too. But, would there be a
> > nice
> > > > way
> > > > > to
> > > > > > specify this without using annotations? I'm not really against
> > > them,
> > > > > but
> > > > > > some users get turned off by it. Also, do you have some example
> > > code
> > > > > > somewhere that I could "borrow"? Javassist isn't the easiest
> > thing
> > > in
> > > > > the
> > > > > > world, you know. :-)
> > > > > >
> > > > > > James
> > > > > >
> > > > > > -----Original Message-----
> > > > > > From: Howard Lewis Ship [mailto:hlship@gmail.com]
> > > > > > Sent: Wednesday, June 07, 2006 2:06 PM
> > > > > > To: Tapestry development
> > > > > > Subject: Re: Permissions Mapping...
> > > > > >
> > > > > > What I did was create a @Privileged annotation. The annotation
> > > value
> > > > > was
> > > > > > the name of the required role. You could attach this method to
> > > > classes,
> > > > > or
> > > > > > to methods. @Privileged is inherited, and @Privileged("") means
> > no
> > > > > > special
> > > > > > privilege required.
> > > > > >
> > > > > > For classes, it implemented/extended PageValidateListener to
> check
> > > the
> > > > > > permission.
> > > > > >
> > > > > > For methods, it overrided the method to add a check before
> > invoking
> > > > > > super().
> > > > > >
> > > > > > I extended Tapestry class and method annotation workers to
> handle
> > > > these
> > > > > > annotations.
> > > > > >
> > > > > > Worked like a charm.
> > > > > >
> > > > > > This approach puts the logic right into the pages or methods,
> > which
> > > is
> > > > > > where
> > > > > > I think it belongs.
> > > > > >
> > > > > > On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> > > > > > >
> > > > > > > All,
> > > > > > >
> > > > > > > You guys are the experts. I have a design question. I am
> > > creating
> > > > a
> > > > > > > tapestry/acegi integration package (parts of it are already
> > > > > done). What
> > > > > > I
> > > > > > > need to figure out is how to decide what roles an in-coming
> > > request
> > > > > > > requires? If it's a PageService request, I can check the page
> > > class
> > > > > for
> > > > > > a
> > > > > > > @RequiredRole annotation. If it's a DirectService request, I
> > can
> > > > > check
> > > > > > > the
> > > > > > > method for a @RequiredRole annotation. But, how do I do this
> in
> > a
> > > > > > general
> > > > > > > way? Any ideas?
> > > > > > >
> > > > > > > James
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > >
> ---------------------------------------------------------------------
> > > > > > > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > > > > > > For additional commands, e-mail: dev-help@tapestry.apache.org
> > > > > > >
> > > > > > >
> > > > > >
> > > > > >
> > > > > > --
> > > > > > Howard M. Lewis Ship
> > > > > > Independent J2EE / Open-Source Java Consultant
> > > > > > Creator and PMC Chair, Apache Tapestry
> > > > > > Creator, Jakarta HiveMind
> > > > > >
> > > > > > Professional Tapestry training, mentoring, support
> > > > > > and project work. http://howardlewisship.com
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > ---------------------------------------------------------------------
> > > > > > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > > > > > For additional commands, e-mail: dev-help@tapestry.apache.org
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > > > --
> > > > > Jesse Kuhnert
> > > > > Tacos/Tapestry, team member/developer
> > > > >
> > > > > Open source based consulting work centered around
> > > > > dojo/tapestry/tacos/hivemind.
> > > > >
> > > > >
> > > > >
> > > > >
> > ---------------------------------------------------------------------
> > > > > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > > > > For additional commands, e-mail: dev-help@tapestry.apache.org
> > > > >
> > > > >
> > > >
> > > >
> > > > --
> > > > Jesse Kuhnert
> > > > Tacos/Tapestry, team member/developer
> > > >
> > > > Open source based consulting work centered around
> > > > dojo/tapestry/tacos/hivemind.
> > > >
> > > >
> > > >
> > > >
> ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > > > For additional commands, e-mail: dev-help@tapestry.apache.org
> > > >
> > > >
> > >
> > >
> > > --
> > > Jesse Kuhnert
> > > Tacos/Tapestry, team member/developer
> > >
> > > Open source based consulting work centered around
> > > dojo/tapestry/tacos/hivemind.
> > >
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > > For additional commands, e-mail: dev-help@tapestry.apache.org
> > >
> > >
> >
> >
> > --
> > Jesse Kuhnert
> > Tacos/Tapestry, team member/developer
> >
> > Open source based consulting work centered around
> > dojo/tapestry/tacos/hivemind.
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > For additional commands, e-mail: dev-help@tapestry.apache.org
> >
> >
>
>
> --
> Jesse Kuhnert
> Tacos/Tapestry, team member/developer
>
> Open source based consulting work centered around
> dojo/tapestry/tacos/hivemind.
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: dev-help@tapestry.apache.org
>
>
--
Jesse Kuhnert
Tacos/Tapestry, team member/developer
Open source based consulting work centered around
dojo/tapestry/tacos/hivemind.
RE: Permissions Mapping...
Posted by James Carman <ja...@carmanconsulting.com>.
So, where would I put the logic to add a PageValidateListener to the page if
it has a @Secure annotation? I plan on using
EnhancementOperation.extendMethodImplementation(), but I don't know what
signature to pass. I've got a special class that does validation based on
@Secure annotations and I need to know how to hook it to my page.
-----Original Message-----
From: Jesse Kuhnert [mailto:jkuhnert@gmail.com]
Sent: Wednesday, June 07, 2006 3:25 PM
To: Tapestry development
Subject: Re: Permissions Mapping...
You're awesome!! Between hibernate and acegi you're filling in two of the
biggest holes we've had. (beside maybe cleaning up the site and some
documentation ..cough )
On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
>
> Well, hopefully Acegi support will be done soon. So, we can put that to
> rest. :-)
>
> -----Original Message-----
> From: Jesse Kuhnert [mailto:jkuhnert@gmail.com]
> Sent: Wednesday, June 07, 2006 3:16 PM
> To: Tapestry development
> Subject: Re: Permissions Mapping...
>
> Glad I could be helpful :) The one added bonus of all the recent work
> being
> done in tapestry is that I feel pretty comforatable being able to
> maintain/enhance the tapestry4 series now.
>
> Hopefully when 4.1 is done coming out we can all attack the bugs/features
> that have been annoying everyone for so long.
>
> On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> >
> > Okay, great. As always, thanks for your help! :-)
> >
> >
> > -----Original Message-----
> > From: Jesse Kuhnert [mailto:jkuhnert@gmail.com]
> > Sent: Wednesday, June 07, 2006 3:01 PM
> > To: Tapestry development
> > Subject: Re: Permissions Mapping...
> >
> > Tons of things contribute to the pageLoaded method..There's also my new
> > Render chain that gets called after any component renders. (ie after
> > renderComponent) . I would look at the pageLoaded method enhancers..I
> > think
> > anything dealing with injection/properties does this. (not in
> annotations,
> > in org.apache.tapestry.enahance)
> >
> > On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> > >
> > > I'm looking for something that implements/overrides a method, but
> > doesn't
> > > "claim" it.
> > >
> > > -----Original Message-----
> > > From: Jesse Kuhnert [mailto:jkuhnert@gmail.com]
> > > Sent: Wednesday, June 07, 2006 2:27 PM
> > > To: Tapestry development
> > > Subject: Re: Permissions Mapping...
> > >
> > > EventListener . Yeah I think there are some enchancers that run for it
> > > (later, not in the annotation src though)... It's kind of up to you if
> > you
> > > need to enhance anything or not ;) (Personally I'd probably just use
> the
> > > annotations to provide a global cached sort of data lookup that some
> > other
> > > service could then use to do security stuff...Or somethin like that ;)
> )
> > >
> > > On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> > > >
> > > > Which ones? I assume there are enhancers that take care of them,
> too.
> > > :-)
> > > >
> > > > -----Original Message-----
> > > > From: Jesse Kuhnert [mailto:jkuhnert@gmail.com]
> > > > Sent: Wednesday, June 07, 2006 2:18 PM
> > > > To: Tapestry development
> > > > Subject: Re: Permissions Mapping...
> > > >
> > > > I just added some method level annotations into tapestry4/trunk if
> > that
> > > > helps...
> > > >
> > > > On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> > > > >
> > > > > Howard,
> > > > >
> > > > > Cool idea and I was considering it too. But, would there be a
> nice
> > > way
> > > > to
> > > > > specify this without using annotations? I'm not really against
> > them,
> > > > but
> > > > > some users get turned off by it. Also, do you have some example
> > code
> > > > > somewhere that I could "borrow"? Javassist isn't the easiest
> thing
> > in
> > > > the
> > > > > world, you know. :-)
> > > > >
> > > > > James
> > > > >
> > > > > -----Original Message-----
> > > > > From: Howard Lewis Ship [mailto:hlship@gmail.com]
> > > > > Sent: Wednesday, June 07, 2006 2:06 PM
> > > > > To: Tapestry development
> > > > > Subject: Re: Permissions Mapping...
> > > > >
> > > > > What I did was create a @Privileged annotation. The annotation
> > value
> > > > was
> > > > > the name of the required role. You could attach this method to
> > > classes,
> > > > or
> > > > > to methods. @Privileged is inherited, and @Privileged("") means
> no
> > > > > special
> > > > > privilege required.
> > > > >
> > > > > For classes, it implemented/extended PageValidateListener to check
> > the
> > > > > permission.
> > > > >
> > > > > For methods, it overrided the method to add a check before
> invoking
> > > > > super().
> > > > >
> > > > > I extended Tapestry class and method annotation workers to handle
> > > these
> > > > > annotations.
> > > > >
> > > > > Worked like a charm.
> > > > >
> > > > > This approach puts the logic right into the pages or methods,
> which
> > is
> > > > > where
> > > > > I think it belongs.
> > > > >
> > > > > On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> > > > > >
> > > > > > All,
> > > > > >
> > > > > > You guys are the experts. I have a design question. I am
> > creating
> > > a
> > > > > > tapestry/acegi integration package (parts of it are already
> > > > done). What
> > > > > I
> > > > > > need to figure out is how to decide what roles an in-coming
> > request
> > > > > > requires? If it's a PageService request, I can check the page
> > class
> > > > for
> > > > > a
> > > > > > @RequiredRole annotation. If it's a DirectService request, I
> can
> > > > check
> > > > > > the
> > > > > > method for a @RequiredRole annotation. But, how do I do this in
> a
> > > > > general
> > > > > > way? Any ideas?
> > > > > >
> > > > > > James
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > ---------------------------------------------------------------------
> > > > > > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > > > > > For additional commands, e-mail: dev-help@tapestry.apache.org
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > > > --
> > > > > Howard M. Lewis Ship
> > > > > Independent J2EE / Open-Source Java Consultant
> > > > > Creator and PMC Chair, Apache Tapestry
> > > > > Creator, Jakarta HiveMind
> > > > >
> > > > > Professional Tapestry training, mentoring, support
> > > > > and project work. http://howardlewisship.com
> > > > >
> > > > >
> > > > >
> > > > >
> > ---------------------------------------------------------------------
> > > > > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > > > > For additional commands, e-mail: dev-help@tapestry.apache.org
> > > > >
> > > > >
> > > >
> > > >
> > > > --
> > > > Jesse Kuhnert
> > > > Tacos/Tapestry, team member/developer
> > > >
> > > > Open source based consulting work centered around
> > > > dojo/tapestry/tacos/hivemind.
> > > >
> > > >
> > > >
> > > >
> ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > > > For additional commands, e-mail: dev-help@tapestry.apache.org
> > > >
> > > >
> > >
> > >
> > > --
> > > Jesse Kuhnert
> > > Tacos/Tapestry, team member/developer
> > >
> > > Open source based consulting work centered around
> > > dojo/tapestry/tacos/hivemind.
> > >
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > > For additional commands, e-mail: dev-help@tapestry.apache.org
> > >
> > >
> >
> >
> > --
> > Jesse Kuhnert
> > Tacos/Tapestry, team member/developer
> >
> > Open source based consulting work centered around
> > dojo/tapestry/tacos/hivemind.
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > For additional commands, e-mail: dev-help@tapestry.apache.org
> >
> >
>
>
> --
> Jesse Kuhnert
> Tacos/Tapestry, team member/developer
>
> Open source based consulting work centered around
> dojo/tapestry/tacos/hivemind.
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: dev-help@tapestry.apache.org
>
>
--
Jesse Kuhnert
Tacos/Tapestry, team member/developer
Open source based consulting work centered around
dojo/tapestry/tacos/hivemind.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
For additional commands, e-mail: dev-help@tapestry.apache.org
Re: Permissions Mapping...
Posted by Jesse Kuhnert <jk...@gmail.com>.
You're awesome!! Between hibernate and acegi you're filling in two of the
biggest holes we've had. (beside maybe cleaning up the site and some
documentation ..cough )
On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
>
> Well, hopefully Acegi support will be done soon. So, we can put that to
> rest. :-)
>
> -----Original Message-----
> From: Jesse Kuhnert [mailto:jkuhnert@gmail.com]
> Sent: Wednesday, June 07, 2006 3:16 PM
> To: Tapestry development
> Subject: Re: Permissions Mapping...
>
> Glad I could be helpful :) The one added bonus of all the recent work
> being
> done in tapestry is that I feel pretty comforatable being able to
> maintain/enhance the tapestry4 series now.
>
> Hopefully when 4.1 is done coming out we can all attack the bugs/features
> that have been annoying everyone for so long.
>
> On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> >
> > Okay, great. As always, thanks for your help! :-)
> >
> >
> > -----Original Message-----
> > From: Jesse Kuhnert [mailto:jkuhnert@gmail.com]
> > Sent: Wednesday, June 07, 2006 3:01 PM
> > To: Tapestry development
> > Subject: Re: Permissions Mapping...
> >
> > Tons of things contribute to the pageLoaded method..There's also my new
> > Render chain that gets called after any component renders. (ie after
> > renderComponent) . I would look at the pageLoaded method enhancers..I
> > think
> > anything dealing with injection/properties does this. (not in
> annotations,
> > in org.apache.tapestry.enahance)
> >
> > On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> > >
> > > I'm looking for something that implements/overrides a method, but
> > doesn't
> > > "claim" it.
> > >
> > > -----Original Message-----
> > > From: Jesse Kuhnert [mailto:jkuhnert@gmail.com]
> > > Sent: Wednesday, June 07, 2006 2:27 PM
> > > To: Tapestry development
> > > Subject: Re: Permissions Mapping...
> > >
> > > EventListener . Yeah I think there are some enchancers that run for it
> > > (later, not in the annotation src though)... It's kind of up to you if
> > you
> > > need to enhance anything or not ;) (Personally I'd probably just use
> the
> > > annotations to provide a global cached sort of data lookup that some
> > other
> > > service could then use to do security stuff...Or somethin like that ;)
> )
> > >
> > > On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> > > >
> > > > Which ones? I assume there are enhancers that take care of them,
> too.
> > > :-)
> > > >
> > > > -----Original Message-----
> > > > From: Jesse Kuhnert [mailto:jkuhnert@gmail.com]
> > > > Sent: Wednesday, June 07, 2006 2:18 PM
> > > > To: Tapestry development
> > > > Subject: Re: Permissions Mapping...
> > > >
> > > > I just added some method level annotations into tapestry4/trunk if
> > that
> > > > helps...
> > > >
> > > > On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> > > > >
> > > > > Howard,
> > > > >
> > > > > Cool idea and I was considering it too. But, would there be a
> nice
> > > way
> > > > to
> > > > > specify this without using annotations? I'm not really against
> > them,
> > > > but
> > > > > some users get turned off by it. Also, do you have some example
> > code
> > > > > somewhere that I could "borrow"? Javassist isn't the easiest
> thing
> > in
> > > > the
> > > > > world, you know. :-)
> > > > >
> > > > > James
> > > > >
> > > > > -----Original Message-----
> > > > > From: Howard Lewis Ship [mailto:hlship@gmail.com]
> > > > > Sent: Wednesday, June 07, 2006 2:06 PM
> > > > > To: Tapestry development
> > > > > Subject: Re: Permissions Mapping...
> > > > >
> > > > > What I did was create a @Privileged annotation. The annotation
> > value
> > > > was
> > > > > the name of the required role. You could attach this method to
> > > classes,
> > > > or
> > > > > to methods. @Privileged is inherited, and @Privileged("") means
> no
> > > > > special
> > > > > privilege required.
> > > > >
> > > > > For classes, it implemented/extended PageValidateListener to check
> > the
> > > > > permission.
> > > > >
> > > > > For methods, it overrided the method to add a check before
> invoking
> > > > > super().
> > > > >
> > > > > I extended Tapestry class and method annotation workers to handle
> > > these
> > > > > annotations.
> > > > >
> > > > > Worked like a charm.
> > > > >
> > > > > This approach puts the logic right into the pages or methods,
> which
> > is
> > > > > where
> > > > > I think it belongs.
> > > > >
> > > > > On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> > > > > >
> > > > > > All,
> > > > > >
> > > > > > You guys are the experts. I have a design question. I am
> > creating
> > > a
> > > > > > tapestry/acegi integration package (parts of it are already
> > > > done). What
> > > > > I
> > > > > > need to figure out is how to decide what roles an in-coming
> > request
> > > > > > requires? If it's a PageService request, I can check the page
> > class
> > > > for
> > > > > a
> > > > > > @RequiredRole annotation. If it's a DirectService request, I
> can
> > > > check
> > > > > > the
> > > > > > method for a @RequiredRole annotation. But, how do I do this in
> a
> > > > > general
> > > > > > way? Any ideas?
> > > > > >
> > > > > > James
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > ---------------------------------------------------------------------
> > > > > > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > > > > > For additional commands, e-mail: dev-help@tapestry.apache.org
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > > > --
> > > > > Howard M. Lewis Ship
> > > > > Independent J2EE / Open-Source Java Consultant
> > > > > Creator and PMC Chair, Apache Tapestry
> > > > > Creator, Jakarta HiveMind
> > > > >
> > > > > Professional Tapestry training, mentoring, support
> > > > > and project work. http://howardlewisship.com
> > > > >
> > > > >
> > > > >
> > > > >
> > ---------------------------------------------------------------------
> > > > > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > > > > For additional commands, e-mail: dev-help@tapestry.apache.org
> > > > >
> > > > >
> > > >
> > > >
> > > > --
> > > > Jesse Kuhnert
> > > > Tacos/Tapestry, team member/developer
> > > >
> > > > Open source based consulting work centered around
> > > > dojo/tapestry/tacos/hivemind.
> > > >
> > > >
> > > >
> > > >
> ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > > > For additional commands, e-mail: dev-help@tapestry.apache.org
> > > >
> > > >
> > >
> > >
> > > --
> > > Jesse Kuhnert
> > > Tacos/Tapestry, team member/developer
> > >
> > > Open source based consulting work centered around
> > > dojo/tapestry/tacos/hivemind.
> > >
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > > For additional commands, e-mail: dev-help@tapestry.apache.org
> > >
> > >
> >
> >
> > --
> > Jesse Kuhnert
> > Tacos/Tapestry, team member/developer
> >
> > Open source based consulting work centered around
> > dojo/tapestry/tacos/hivemind.
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > For additional commands, e-mail: dev-help@tapestry.apache.org
> >
> >
>
>
> --
> Jesse Kuhnert
> Tacos/Tapestry, team member/developer
>
> Open source based consulting work centered around
> dojo/tapestry/tacos/hivemind.
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: dev-help@tapestry.apache.org
>
>
--
Jesse Kuhnert
Tacos/Tapestry, team member/developer
Open source based consulting work centered around
dojo/tapestry/tacos/hivemind.
RE: Permissions Mapping...
Posted by James Carman <ja...@carmanconsulting.com>.
Well, hopefully Acegi support will be done soon. So, we can put that to
rest. :-)
-----Original Message-----
From: Jesse Kuhnert [mailto:jkuhnert@gmail.com]
Sent: Wednesday, June 07, 2006 3:16 PM
To: Tapestry development
Subject: Re: Permissions Mapping...
Glad I could be helpful :) The one added bonus of all the recent work being
done in tapestry is that I feel pretty comforatable being able to
maintain/enhance the tapestry4 series now.
Hopefully when 4.1 is done coming out we can all attack the bugs/features
that have been annoying everyone for so long.
On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
>
> Okay, great. As always, thanks for your help! :-)
>
>
> -----Original Message-----
> From: Jesse Kuhnert [mailto:jkuhnert@gmail.com]
> Sent: Wednesday, June 07, 2006 3:01 PM
> To: Tapestry development
> Subject: Re: Permissions Mapping...
>
> Tons of things contribute to the pageLoaded method..There's also my new
> Render chain that gets called after any component renders. (ie after
> renderComponent) . I would look at the pageLoaded method enhancers..I
> think
> anything dealing with injection/properties does this. (not in annotations,
> in org.apache.tapestry.enahance)
>
> On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> >
> > I'm looking for something that implements/overrides a method, but
> doesn't
> > "claim" it.
> >
> > -----Original Message-----
> > From: Jesse Kuhnert [mailto:jkuhnert@gmail.com]
> > Sent: Wednesday, June 07, 2006 2:27 PM
> > To: Tapestry development
> > Subject: Re: Permissions Mapping...
> >
> > EventListener . Yeah I think there are some enchancers that run for it
> > (later, not in the annotation src though)... It's kind of up to you if
> you
> > need to enhance anything or not ;) (Personally I'd probably just use the
> > annotations to provide a global cached sort of data lookup that some
> other
> > service could then use to do security stuff...Or somethin like that ;) )
> >
> > On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> > >
> > > Which ones? I assume there are enhancers that take care of them, too.
> > :-)
> > >
> > > -----Original Message-----
> > > From: Jesse Kuhnert [mailto:jkuhnert@gmail.com]
> > > Sent: Wednesday, June 07, 2006 2:18 PM
> > > To: Tapestry development
> > > Subject: Re: Permissions Mapping...
> > >
> > > I just added some method level annotations into tapestry4/trunk if
> that
> > > helps...
> > >
> > > On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> > > >
> > > > Howard,
> > > >
> > > > Cool idea and I was considering it too. But, would there be a nice
> > way
> > > to
> > > > specify this without using annotations? I'm not really against
> them,
> > > but
> > > > some users get turned off by it. Also, do you have some example
> code
> > > > somewhere that I could "borrow"? Javassist isn't the easiest thing
> in
> > > the
> > > > world, you know. :-)
> > > >
> > > > James
> > > >
> > > > -----Original Message-----
> > > > From: Howard Lewis Ship [mailto:hlship@gmail.com]
> > > > Sent: Wednesday, June 07, 2006 2:06 PM
> > > > To: Tapestry development
> > > > Subject: Re: Permissions Mapping...
> > > >
> > > > What I did was create a @Privileged annotation. The annotation
> value
> > > was
> > > > the name of the required role. You could attach this method to
> > classes,
> > > or
> > > > to methods. @Privileged is inherited, and @Privileged("") means no
> > > > special
> > > > privilege required.
> > > >
> > > > For classes, it implemented/extended PageValidateListener to check
> the
> > > > permission.
> > > >
> > > > For methods, it overrided the method to add a check before invoking
> > > > super().
> > > >
> > > > I extended Tapestry class and method annotation workers to handle
> > these
> > > > annotations.
> > > >
> > > > Worked like a charm.
> > > >
> > > > This approach puts the logic right into the pages or methods, which
> is
> > > > where
> > > > I think it belongs.
> > > >
> > > > On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> > > > >
> > > > > All,
> > > > >
> > > > > You guys are the experts. I have a design question. I am
> creating
> > a
> > > > > tapestry/acegi integration package (parts of it are already
> > > done). What
> > > > I
> > > > > need to figure out is how to decide what roles an in-coming
> request
> > > > > requires? If it's a PageService request, I can check the page
> class
> > > for
> > > > a
> > > > > @RequiredRole annotation. If it's a DirectService request, I can
> > > check
> > > > > the
> > > > > method for a @RequiredRole annotation. But, how do I do this in a
> > > > general
> > > > > way? Any ideas?
> > > > >
> > > > > James
> > > > >
> > > > >
> > > > >
> > > > >
> > ---------------------------------------------------------------------
> > > > > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > > > > For additional commands, e-mail: dev-help@tapestry.apache.org
> > > > >
> > > > >
> > > >
> > > >
> > > > --
> > > > Howard M. Lewis Ship
> > > > Independent J2EE / Open-Source Java Consultant
> > > > Creator and PMC Chair, Apache Tapestry
> > > > Creator, Jakarta HiveMind
> > > >
> > > > Professional Tapestry training, mentoring, support
> > > > and project work. http://howardlewisship.com
> > > >
> > > >
> > > >
> > > >
> ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > > > For additional commands, e-mail: dev-help@tapestry.apache.org
> > > >
> > > >
> > >
> > >
> > > --
> > > Jesse Kuhnert
> > > Tacos/Tapestry, team member/developer
> > >
> > > Open source based consulting work centered around
> > > dojo/tapestry/tacos/hivemind.
> > >
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > > For additional commands, e-mail: dev-help@tapestry.apache.org
> > >
> > >
> >
> >
> > --
> > Jesse Kuhnert
> > Tacos/Tapestry, team member/developer
> >
> > Open source based consulting work centered around
> > dojo/tapestry/tacos/hivemind.
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > For additional commands, e-mail: dev-help@tapestry.apache.org
> >
> >
>
>
> --
> Jesse Kuhnert
> Tacos/Tapestry, team member/developer
>
> Open source based consulting work centered around
> dojo/tapestry/tacos/hivemind.
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: dev-help@tapestry.apache.org
>
>
--
Jesse Kuhnert
Tacos/Tapestry, team member/developer
Open source based consulting work centered around
dojo/tapestry/tacos/hivemind.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
For additional commands, e-mail: dev-help@tapestry.apache.org
Re: Permissions Mapping...
Posted by Jesse Kuhnert <jk...@gmail.com>.
Glad I could be helpful :) The one added bonus of all the recent work being
done in tapestry is that I feel pretty comforatable being able to
maintain/enhance the tapestry4 series now.
Hopefully when 4.1 is done coming out we can all attack the bugs/features
that have been annoying everyone for so long.
On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
>
> Okay, great. As always, thanks for your help! :-)
>
>
> -----Original Message-----
> From: Jesse Kuhnert [mailto:jkuhnert@gmail.com]
> Sent: Wednesday, June 07, 2006 3:01 PM
> To: Tapestry development
> Subject: Re: Permissions Mapping...
>
> Tons of things contribute to the pageLoaded method..There's also my new
> Render chain that gets called after any component renders. (ie after
> renderComponent) . I would look at the pageLoaded method enhancers..I
> think
> anything dealing with injection/properties does this. (not in annotations,
> in org.apache.tapestry.enahance)
>
> On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> >
> > I'm looking for something that implements/overrides a method, but
> doesn't
> > "claim" it.
> >
> > -----Original Message-----
> > From: Jesse Kuhnert [mailto:jkuhnert@gmail.com]
> > Sent: Wednesday, June 07, 2006 2:27 PM
> > To: Tapestry development
> > Subject: Re: Permissions Mapping...
> >
> > EventListener . Yeah I think there are some enchancers that run for it
> > (later, not in the annotation src though)... It's kind of up to you if
> you
> > need to enhance anything or not ;) (Personally I'd probably just use the
> > annotations to provide a global cached sort of data lookup that some
> other
> > service could then use to do security stuff...Or somethin like that ;) )
> >
> > On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> > >
> > > Which ones? I assume there are enhancers that take care of them, too.
> > :-)
> > >
> > > -----Original Message-----
> > > From: Jesse Kuhnert [mailto:jkuhnert@gmail.com]
> > > Sent: Wednesday, June 07, 2006 2:18 PM
> > > To: Tapestry development
> > > Subject: Re: Permissions Mapping...
> > >
> > > I just added some method level annotations into tapestry4/trunk if
> that
> > > helps...
> > >
> > > On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> > > >
> > > > Howard,
> > > >
> > > > Cool idea and I was considering it too. But, would there be a nice
> > way
> > > to
> > > > specify this without using annotations? I'm not really against
> them,
> > > but
> > > > some users get turned off by it. Also, do you have some example
> code
> > > > somewhere that I could "borrow"? Javassist isn't the easiest thing
> in
> > > the
> > > > world, you know. :-)
> > > >
> > > > James
> > > >
> > > > -----Original Message-----
> > > > From: Howard Lewis Ship [mailto:hlship@gmail.com]
> > > > Sent: Wednesday, June 07, 2006 2:06 PM
> > > > To: Tapestry development
> > > > Subject: Re: Permissions Mapping...
> > > >
> > > > What I did was create a @Privileged annotation. The annotation
> value
> > > was
> > > > the name of the required role. You could attach this method to
> > classes,
> > > or
> > > > to methods. @Privileged is inherited, and @Privileged("") means no
> > > > special
> > > > privilege required.
> > > >
> > > > For classes, it implemented/extended PageValidateListener to check
> the
> > > > permission.
> > > >
> > > > For methods, it overrided the method to add a check before invoking
> > > > super().
> > > >
> > > > I extended Tapestry class and method annotation workers to handle
> > these
> > > > annotations.
> > > >
> > > > Worked like a charm.
> > > >
> > > > This approach puts the logic right into the pages or methods, which
> is
> > > > where
> > > > I think it belongs.
> > > >
> > > > On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> > > > >
> > > > > All,
> > > > >
> > > > > You guys are the experts. I have a design question. I am
> creating
> > a
> > > > > tapestry/acegi integration package (parts of it are already
> > > done). What
> > > > I
> > > > > need to figure out is how to decide what roles an in-coming
> request
> > > > > requires? If it's a PageService request, I can check the page
> class
> > > for
> > > > a
> > > > > @RequiredRole annotation. If it's a DirectService request, I can
> > > check
> > > > > the
> > > > > method for a @RequiredRole annotation. But, how do I do this in a
> > > > general
> > > > > way? Any ideas?
> > > > >
> > > > > James
> > > > >
> > > > >
> > > > >
> > > > >
> > ---------------------------------------------------------------------
> > > > > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > > > > For additional commands, e-mail: dev-help@tapestry.apache.org
> > > > >
> > > > >
> > > >
> > > >
> > > > --
> > > > Howard M. Lewis Ship
> > > > Independent J2EE / Open-Source Java Consultant
> > > > Creator and PMC Chair, Apache Tapestry
> > > > Creator, Jakarta HiveMind
> > > >
> > > > Professional Tapestry training, mentoring, support
> > > > and project work. http://howardlewisship.com
> > > >
> > > >
> > > >
> > > >
> ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > > > For additional commands, e-mail: dev-help@tapestry.apache.org
> > > >
> > > >
> > >
> > >
> > > --
> > > Jesse Kuhnert
> > > Tacos/Tapestry, team member/developer
> > >
> > > Open source based consulting work centered around
> > > dojo/tapestry/tacos/hivemind.
> > >
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > > For additional commands, e-mail: dev-help@tapestry.apache.org
> > >
> > >
> >
> >
> > --
> > Jesse Kuhnert
> > Tacos/Tapestry, team member/developer
> >
> > Open source based consulting work centered around
> > dojo/tapestry/tacos/hivemind.
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > For additional commands, e-mail: dev-help@tapestry.apache.org
> >
> >
>
>
> --
> Jesse Kuhnert
> Tacos/Tapestry, team member/developer
>
> Open source based consulting work centered around
> dojo/tapestry/tacos/hivemind.
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: dev-help@tapestry.apache.org
>
>
--
Jesse Kuhnert
Tacos/Tapestry, team member/developer
Open source based consulting work centered around
dojo/tapestry/tacos/hivemind.
RE: Permissions Mapping...
Posted by James Carman <ja...@carmanconsulting.com>.
Okay, great. As always, thanks for your help! :-)
-----Original Message-----
From: Jesse Kuhnert [mailto:jkuhnert@gmail.com]
Sent: Wednesday, June 07, 2006 3:01 PM
To: Tapestry development
Subject: Re: Permissions Mapping...
Tons of things contribute to the pageLoaded method..There's also my new
Render chain that gets called after any component renders. (ie after
renderComponent) . I would look at the pageLoaded method enhancers..I think
anything dealing with injection/properties does this. (not in annotations,
in org.apache.tapestry.enahance)
On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
>
> I'm looking for something that implements/overrides a method, but doesn't
> "claim" it.
>
> -----Original Message-----
> From: Jesse Kuhnert [mailto:jkuhnert@gmail.com]
> Sent: Wednesday, June 07, 2006 2:27 PM
> To: Tapestry development
> Subject: Re: Permissions Mapping...
>
> EventListener . Yeah I think there are some enchancers that run for it
> (later, not in the annotation src though)... It's kind of up to you if you
> need to enhance anything or not ;) (Personally I'd probably just use the
> annotations to provide a global cached sort of data lookup that some other
> service could then use to do security stuff...Or somethin like that ;) )
>
> On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> >
> > Which ones? I assume there are enhancers that take care of them, too.
> :-)
> >
> > -----Original Message-----
> > From: Jesse Kuhnert [mailto:jkuhnert@gmail.com]
> > Sent: Wednesday, June 07, 2006 2:18 PM
> > To: Tapestry development
> > Subject: Re: Permissions Mapping...
> >
> > I just added some method level annotations into tapestry4/trunk if that
> > helps...
> >
> > On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> > >
> > > Howard,
> > >
> > > Cool idea and I was considering it too. But, would there be a nice
> way
> > to
> > > specify this without using annotations? I'm not really against them,
> > but
> > > some users get turned off by it. Also, do you have some example code
> > > somewhere that I could "borrow"? Javassist isn't the easiest thing in
> > the
> > > world, you know. :-)
> > >
> > > James
> > >
> > > -----Original Message-----
> > > From: Howard Lewis Ship [mailto:hlship@gmail.com]
> > > Sent: Wednesday, June 07, 2006 2:06 PM
> > > To: Tapestry development
> > > Subject: Re: Permissions Mapping...
> > >
> > > What I did was create a @Privileged annotation. The annotation value
> > was
> > > the name of the required role. You could attach this method to
> classes,
> > or
> > > to methods. @Privileged is inherited, and @Privileged("") means no
> > > special
> > > privilege required.
> > >
> > > For classes, it implemented/extended PageValidateListener to check the
> > > permission.
> > >
> > > For methods, it overrided the method to add a check before invoking
> > > super().
> > >
> > > I extended Tapestry class and method annotation workers to handle
> these
> > > annotations.
> > >
> > > Worked like a charm.
> > >
> > > This approach puts the logic right into the pages or methods, which is
> > > where
> > > I think it belongs.
> > >
> > > On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> > > >
> > > > All,
> > > >
> > > > You guys are the experts. I have a design question. I am creating
> a
> > > > tapestry/acegi integration package (parts of it are already
> > done). What
> > > I
> > > > need to figure out is how to decide what roles an in-coming request
> > > > requires? If it's a PageService request, I can check the page class
> > for
> > > a
> > > > @RequiredRole annotation. If it's a DirectService request, I can
> > check
> > > > the
> > > > method for a @RequiredRole annotation. But, how do I do this in a
> > > general
> > > > way? Any ideas?
> > > >
> > > > James
> > > >
> > > >
> > > >
> > > >
> ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > > > For additional commands, e-mail: dev-help@tapestry.apache.org
> > > >
> > > >
> > >
> > >
> > > --
> > > Howard M. Lewis Ship
> > > Independent J2EE / Open-Source Java Consultant
> > > Creator and PMC Chair, Apache Tapestry
> > > Creator, Jakarta HiveMind
> > >
> > > Professional Tapestry training, mentoring, support
> > > and project work. http://howardlewisship.com
> > >
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > > For additional commands, e-mail: dev-help@tapestry.apache.org
> > >
> > >
> >
> >
> > --
> > Jesse Kuhnert
> > Tacos/Tapestry, team member/developer
> >
> > Open source based consulting work centered around
> > dojo/tapestry/tacos/hivemind.
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > For additional commands, e-mail: dev-help@tapestry.apache.org
> >
> >
>
>
> --
> Jesse Kuhnert
> Tacos/Tapestry, team member/developer
>
> Open source based consulting work centered around
> dojo/tapestry/tacos/hivemind.
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: dev-help@tapestry.apache.org
>
>
--
Jesse Kuhnert
Tacos/Tapestry, team member/developer
Open source based consulting work centered around
dojo/tapestry/tacos/hivemind.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
For additional commands, e-mail: dev-help@tapestry.apache.org
Re: Permissions Mapping...
Posted by Jesse Kuhnert <jk...@gmail.com>.
Tons of things contribute to the pageLoaded method..There's also my new
Render chain that gets called after any component renders. (ie after
renderComponent) . I would look at the pageLoaded method enhancers..I think
anything dealing with injection/properties does this. (not in annotations,
in org.apache.tapestry.enahance)
On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
>
> I'm looking for something that implements/overrides a method, but doesn't
> "claim" it.
>
> -----Original Message-----
> From: Jesse Kuhnert [mailto:jkuhnert@gmail.com]
> Sent: Wednesday, June 07, 2006 2:27 PM
> To: Tapestry development
> Subject: Re: Permissions Mapping...
>
> EventListener . Yeah I think there are some enchancers that run for it
> (later, not in the annotation src though)... It's kind of up to you if you
> need to enhance anything or not ;) (Personally I'd probably just use the
> annotations to provide a global cached sort of data lookup that some other
> service could then use to do security stuff...Or somethin like that ;) )
>
> On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> >
> > Which ones? I assume there are enhancers that take care of them, too.
> :-)
> >
> > -----Original Message-----
> > From: Jesse Kuhnert [mailto:jkuhnert@gmail.com]
> > Sent: Wednesday, June 07, 2006 2:18 PM
> > To: Tapestry development
> > Subject: Re: Permissions Mapping...
> >
> > I just added some method level annotations into tapestry4/trunk if that
> > helps...
> >
> > On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> > >
> > > Howard,
> > >
> > > Cool idea and I was considering it too. But, would there be a nice
> way
> > to
> > > specify this without using annotations? I'm not really against them,
> > but
> > > some users get turned off by it. Also, do you have some example code
> > > somewhere that I could "borrow"? Javassist isn't the easiest thing in
> > the
> > > world, you know. :-)
> > >
> > > James
> > >
> > > -----Original Message-----
> > > From: Howard Lewis Ship [mailto:hlship@gmail.com]
> > > Sent: Wednesday, June 07, 2006 2:06 PM
> > > To: Tapestry development
> > > Subject: Re: Permissions Mapping...
> > >
> > > What I did was create a @Privileged annotation. The annotation value
> > was
> > > the name of the required role. You could attach this method to
> classes,
> > or
> > > to methods. @Privileged is inherited, and @Privileged("") means no
> > > special
> > > privilege required.
> > >
> > > For classes, it implemented/extended PageValidateListener to check the
> > > permission.
> > >
> > > For methods, it overrided the method to add a check before invoking
> > > super().
> > >
> > > I extended Tapestry class and method annotation workers to handle
> these
> > > annotations.
> > >
> > > Worked like a charm.
> > >
> > > This approach puts the logic right into the pages or methods, which is
> > > where
> > > I think it belongs.
> > >
> > > On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> > > >
> > > > All,
> > > >
> > > > You guys are the experts. I have a design question. I am creating
> a
> > > > tapestry/acegi integration package (parts of it are already
> > done). What
> > > I
> > > > need to figure out is how to decide what roles an in-coming request
> > > > requires? If it's a PageService request, I can check the page class
> > for
> > > a
> > > > @RequiredRole annotation. If it's a DirectService request, I can
> > check
> > > > the
> > > > method for a @RequiredRole annotation. But, how do I do this in a
> > > general
> > > > way? Any ideas?
> > > >
> > > > James
> > > >
> > > >
> > > >
> > > >
> ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > > > For additional commands, e-mail: dev-help@tapestry.apache.org
> > > >
> > > >
> > >
> > >
> > > --
> > > Howard M. Lewis Ship
> > > Independent J2EE / Open-Source Java Consultant
> > > Creator and PMC Chair, Apache Tapestry
> > > Creator, Jakarta HiveMind
> > >
> > > Professional Tapestry training, mentoring, support
> > > and project work. http://howardlewisship.com
> > >
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > > For additional commands, e-mail: dev-help@tapestry.apache.org
> > >
> > >
> >
> >
> > --
> > Jesse Kuhnert
> > Tacos/Tapestry, team member/developer
> >
> > Open source based consulting work centered around
> > dojo/tapestry/tacos/hivemind.
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > For additional commands, e-mail: dev-help@tapestry.apache.org
> >
> >
>
>
> --
> Jesse Kuhnert
> Tacos/Tapestry, team member/developer
>
> Open source based consulting work centered around
> dojo/tapestry/tacos/hivemind.
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: dev-help@tapestry.apache.org
>
>
--
Jesse Kuhnert
Tacos/Tapestry, team member/developer
Open source based consulting work centered around
dojo/tapestry/tacos/hivemind.
RE: Permissions Mapping...
Posted by James Carman <ja...@carmanconsulting.com>.
I'm looking for something that implements/overrides a method, but doesn't
"claim" it.
-----Original Message-----
From: Jesse Kuhnert [mailto:jkuhnert@gmail.com]
Sent: Wednesday, June 07, 2006 2:27 PM
To: Tapestry development
Subject: Re: Permissions Mapping...
EventListener . Yeah I think there are some enchancers that run for it
(later, not in the annotation src though)... It's kind of up to you if you
need to enhance anything or not ;) (Personally I'd probably just use the
annotations to provide a global cached sort of data lookup that some other
service could then use to do security stuff...Or somethin like that ;) )
On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
>
> Which ones? I assume there are enhancers that take care of them, too. :-)
>
> -----Original Message-----
> From: Jesse Kuhnert [mailto:jkuhnert@gmail.com]
> Sent: Wednesday, June 07, 2006 2:18 PM
> To: Tapestry development
> Subject: Re: Permissions Mapping...
>
> I just added some method level annotations into tapestry4/trunk if that
> helps...
>
> On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> >
> > Howard,
> >
> > Cool idea and I was considering it too. But, would there be a nice way
> to
> > specify this without using annotations? I'm not really against them,
> but
> > some users get turned off by it. Also, do you have some example code
> > somewhere that I could "borrow"? Javassist isn't the easiest thing in
> the
> > world, you know. :-)
> >
> > James
> >
> > -----Original Message-----
> > From: Howard Lewis Ship [mailto:hlship@gmail.com]
> > Sent: Wednesday, June 07, 2006 2:06 PM
> > To: Tapestry development
> > Subject: Re: Permissions Mapping...
> >
> > What I did was create a @Privileged annotation. The annotation value
> was
> > the name of the required role. You could attach this method to classes,
> or
> > to methods. @Privileged is inherited, and @Privileged("") means no
> > special
> > privilege required.
> >
> > For classes, it implemented/extended PageValidateListener to check the
> > permission.
> >
> > For methods, it overrided the method to add a check before invoking
> > super().
> >
> > I extended Tapestry class and method annotation workers to handle these
> > annotations.
> >
> > Worked like a charm.
> >
> > This approach puts the logic right into the pages or methods, which is
> > where
> > I think it belongs.
> >
> > On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> > >
> > > All,
> > >
> > > You guys are the experts. I have a design question. I am creating a
> > > tapestry/acegi integration package (parts of it are already
> done). What
> > I
> > > need to figure out is how to decide what roles an in-coming request
> > > requires? If it's a PageService request, I can check the page class
> for
> > a
> > > @RequiredRole annotation. If it's a DirectService request, I can
> check
> > > the
> > > method for a @RequiredRole annotation. But, how do I do this in a
> > general
> > > way? Any ideas?
> > >
> > > James
> > >
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > > For additional commands, e-mail: dev-help@tapestry.apache.org
> > >
> > >
> >
> >
> > --
> > Howard M. Lewis Ship
> > Independent J2EE / Open-Source Java Consultant
> > Creator and PMC Chair, Apache Tapestry
> > Creator, Jakarta HiveMind
> >
> > Professional Tapestry training, mentoring, support
> > and project work. http://howardlewisship.com
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > For additional commands, e-mail: dev-help@tapestry.apache.org
> >
> >
>
>
> --
> Jesse Kuhnert
> Tacos/Tapestry, team member/developer
>
> Open source based consulting work centered around
> dojo/tapestry/tacos/hivemind.
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: dev-help@tapestry.apache.org
>
>
--
Jesse Kuhnert
Tacos/Tapestry, team member/developer
Open source based consulting work centered around
dojo/tapestry/tacos/hivemind.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
For additional commands, e-mail: dev-help@tapestry.apache.org
Re: Permissions Mapping...
Posted by Jesse Kuhnert <jk...@gmail.com>.
EventListener . Yeah I think there are some enchancers that run for it
(later, not in the annotation src though)... It's kind of up to you if you
need to enhance anything or not ;) (Personally I'd probably just use the
annotations to provide a global cached sort of data lookup that some other
service could then use to do security stuff...Or somethin like that ;) )
On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
>
> Which ones? I assume there are enhancers that take care of them, too. :-)
>
> -----Original Message-----
> From: Jesse Kuhnert [mailto:jkuhnert@gmail.com]
> Sent: Wednesday, June 07, 2006 2:18 PM
> To: Tapestry development
> Subject: Re: Permissions Mapping...
>
> I just added some method level annotations into tapestry4/trunk if that
> helps...
>
> On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> >
> > Howard,
> >
> > Cool idea and I was considering it too. But, would there be a nice way
> to
> > specify this without using annotations? I'm not really against them,
> but
> > some users get turned off by it. Also, do you have some example code
> > somewhere that I could "borrow"? Javassist isn't the easiest thing in
> the
> > world, you know. :-)
> >
> > James
> >
> > -----Original Message-----
> > From: Howard Lewis Ship [mailto:hlship@gmail.com]
> > Sent: Wednesday, June 07, 2006 2:06 PM
> > To: Tapestry development
> > Subject: Re: Permissions Mapping...
> >
> > What I did was create a @Privileged annotation. The annotation value
> was
> > the name of the required role. You could attach this method to classes,
> or
> > to methods. @Privileged is inherited, and @Privileged("") means no
> > special
> > privilege required.
> >
> > For classes, it implemented/extended PageValidateListener to check the
> > permission.
> >
> > For methods, it overrided the method to add a check before invoking
> > super().
> >
> > I extended Tapestry class and method annotation workers to handle these
> > annotations.
> >
> > Worked like a charm.
> >
> > This approach puts the logic right into the pages or methods, which is
> > where
> > I think it belongs.
> >
> > On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> > >
> > > All,
> > >
> > > You guys are the experts. I have a design question. I am creating a
> > > tapestry/acegi integration package (parts of it are already
> done). What
> > I
> > > need to figure out is how to decide what roles an in-coming request
> > > requires? If it's a PageService request, I can check the page class
> for
> > a
> > > @RequiredRole annotation. If it's a DirectService request, I can
> check
> > > the
> > > method for a @RequiredRole annotation. But, how do I do this in a
> > general
> > > way? Any ideas?
> > >
> > > James
> > >
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > > For additional commands, e-mail: dev-help@tapestry.apache.org
> > >
> > >
> >
> >
> > --
> > Howard M. Lewis Ship
> > Independent J2EE / Open-Source Java Consultant
> > Creator and PMC Chair, Apache Tapestry
> > Creator, Jakarta HiveMind
> >
> > Professional Tapestry training, mentoring, support
> > and project work. http://howardlewisship.com
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > For additional commands, e-mail: dev-help@tapestry.apache.org
> >
> >
>
>
> --
> Jesse Kuhnert
> Tacos/Tapestry, team member/developer
>
> Open source based consulting work centered around
> dojo/tapestry/tacos/hivemind.
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: dev-help@tapestry.apache.org
>
>
--
Jesse Kuhnert
Tacos/Tapestry, team member/developer
Open source based consulting work centered around
dojo/tapestry/tacos/hivemind.
RE: Permissions Mapping...
Posted by James Carman <ja...@carmanconsulting.com>.
Which ones? I assume there are enhancers that take care of them, too. :-)
-----Original Message-----
From: Jesse Kuhnert [mailto:jkuhnert@gmail.com]
Sent: Wednesday, June 07, 2006 2:18 PM
To: Tapestry development
Subject: Re: Permissions Mapping...
I just added some method level annotations into tapestry4/trunk if that
helps...
On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
>
> Howard,
>
> Cool idea and I was considering it too. But, would there be a nice way to
> specify this without using annotations? I'm not really against them, but
> some users get turned off by it. Also, do you have some example code
> somewhere that I could "borrow"? Javassist isn't the easiest thing in the
> world, you know. :-)
>
> James
>
> -----Original Message-----
> From: Howard Lewis Ship [mailto:hlship@gmail.com]
> Sent: Wednesday, June 07, 2006 2:06 PM
> To: Tapestry development
> Subject: Re: Permissions Mapping...
>
> What I did was create a @Privileged annotation. The annotation value was
> the name of the required role. You could attach this method to classes, or
> to methods. @Privileged is inherited, and @Privileged("") means no
> special
> privilege required.
>
> For classes, it implemented/extended PageValidateListener to check the
> permission.
>
> For methods, it overrided the method to add a check before invoking
> super().
>
> I extended Tapestry class and method annotation workers to handle these
> annotations.
>
> Worked like a charm.
>
> This approach puts the logic right into the pages or methods, which is
> where
> I think it belongs.
>
> On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> >
> > All,
> >
> > You guys are the experts. I have a design question. I am creating a
> > tapestry/acegi integration package (parts of it are already done). What
> I
> > need to figure out is how to decide what roles an in-coming request
> > requires? If it's a PageService request, I can check the page class for
> a
> > @RequiredRole annotation. If it's a DirectService request, I can check
> > the
> > method for a @RequiredRole annotation. But, how do I do this in a
> general
> > way? Any ideas?
> >
> > James
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > For additional commands, e-mail: dev-help@tapestry.apache.org
> >
> >
>
>
> --
> Howard M. Lewis Ship
> Independent J2EE / Open-Source Java Consultant
> Creator and PMC Chair, Apache Tapestry
> Creator, Jakarta HiveMind
>
> Professional Tapestry training, mentoring, support
> and project work. http://howardlewisship.com
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: dev-help@tapestry.apache.org
>
>
--
Jesse Kuhnert
Tacos/Tapestry, team member/developer
Open source based consulting work centered around
dojo/tapestry/tacos/hivemind.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
For additional commands, e-mail: dev-help@tapestry.apache.org
Re: Permissions Mapping...
Posted by Jesse Kuhnert <jk...@gmail.com>.
I just added some method level annotations into tapestry4/trunk if that
helps...
On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
>
> Howard,
>
> Cool idea and I was considering it too. But, would there be a nice way to
> specify this without using annotations? I'm not really against them, but
> some users get turned off by it. Also, do you have some example code
> somewhere that I could "borrow"? Javassist isn't the easiest thing in the
> world, you know. :-)
>
> James
>
> -----Original Message-----
> From: Howard Lewis Ship [mailto:hlship@gmail.com]
> Sent: Wednesday, June 07, 2006 2:06 PM
> To: Tapestry development
> Subject: Re: Permissions Mapping...
>
> What I did was create a @Privileged annotation. The annotation value was
> the name of the required role. You could attach this method to classes, or
> to methods. @Privileged is inherited, and @Privileged("") means no
> special
> privilege required.
>
> For classes, it implemented/extended PageValidateListener to check the
> permission.
>
> For methods, it overrided the method to add a check before invoking
> super().
>
> I extended Tapestry class and method annotation workers to handle these
> annotations.
>
> Worked like a charm.
>
> This approach puts the logic right into the pages or methods, which is
> where
> I think it belongs.
>
> On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> >
> > All,
> >
> > You guys are the experts. I have a design question. I am creating a
> > tapestry/acegi integration package (parts of it are already done). What
> I
> > need to figure out is how to decide what roles an in-coming request
> > requires? If it's a PageService request, I can check the page class for
> a
> > @RequiredRole annotation. If it's a DirectService request, I can check
> > the
> > method for a @RequiredRole annotation. But, how do I do this in a
> general
> > way? Any ideas?
> >
> > James
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > For additional commands, e-mail: dev-help@tapestry.apache.org
> >
> >
>
>
> --
> Howard M. Lewis Ship
> Independent J2EE / Open-Source Java Consultant
> Creator and PMC Chair, Apache Tapestry
> Creator, Jakarta HiveMind
>
> Professional Tapestry training, mentoring, support
> and project work. http://howardlewisship.com
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: dev-help@tapestry.apache.org
>
>
--
Jesse Kuhnert
Tacos/Tapestry, team member/developer
Open source based consulting work centered around
dojo/tapestry/tacos/hivemind.
Re: Permissions Mapping...
Posted by Howard Lewis Ship <hl...@gmail.com>.
I don't believe I used extendMethodImplementation(). It is a new method
implementation, new in the enhanced subclass, that does the check, the calls
super.<method name>($$).
On 6/8/06, James Carman <ja...@carmanconsulting.com> wrote:
>
> Howard, how did you override the method using the
> EnhancementOperation.extendMethodImplementation() method? If so, how did
> you get around the *initial* call to the super implementation? You said
> it
> did the check before the call to super.
>
>
> -----Original Message-----
> From: Howard Lewis Ship [mailto:hlship@gmail.com]
> Sent: Wednesday, June 07, 2006 2:06 PM
> To: Tapestry development
> Subject: Re: Permissions Mapping...
>
> What I did was create a @Privileged annotation. The annotation value was
> the name of the required role. You could attach this method to classes, or
> to methods. @Privileged is inherited, and @Privileged("") means no
> special
> privilege required.
>
> For classes, it implemented/extended PageValidateListener to check the
> permission.
>
> For methods, it overrided the method to add a check before invoking
> super().
>
> I extended Tapestry class and method annotation workers to handle these
> annotations.
>
> Worked like a charm.
>
> This approach puts the logic right into the pages or methods, which is
> where
> I think it belongs.
>
> On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
> >
> > All,
> >
> > You guys are the experts. I have a design question. I am creating a
> > tapestry/acegi integration package (parts of it are already done). What
> I
> > need to figure out is how to decide what roles an in-coming request
> > requires? If it's a PageService request, I can check the page class for
> a
> > @RequiredRole annotation. If it's a DirectService request, I can check
> > the
> > method for a @RequiredRole annotation. But, how do I do this in a
> general
> > way? Any ideas?
> >
> > James
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> > For additional commands, e-mail: dev-help@tapestry.apache.org
> >
> >
>
>
> --
> Howard M. Lewis Ship
> Independent J2EE / Open-Source Java Consultant
> Creator and PMC Chair, Apache Tapestry
> Creator, Jakarta HiveMind
>
> Professional Tapestry training, mentoring, support
> and project work. http://howardlewisship.com
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: dev-help@tapestry.apache.org
>
>
--
Howard M. Lewis Ship
Independent J2EE / Open-Source Java Consultant
Creator and PMC Chair, Apache Tapestry
Creator, Jakarta HiveMind
Professional Tapestry training, mentoring, support
and project work. http://howardlewisship.com
RE: Permissions Mapping...
Posted by James Carman <ja...@carmanconsulting.com>.
Howard,
Cool idea and I was considering it too. But, would there be a nice way to
specify this without using annotations? I'm not really against them, but
some users get turned off by it. Also, do you have some example code
somewhere that I could "borrow"? Javassist isn't the easiest thing in the
world, you know. :-)
James
-----Original Message-----
From: Howard Lewis Ship [mailto:hlship@gmail.com]
Sent: Wednesday, June 07, 2006 2:06 PM
To: Tapestry development
Subject: Re: Permissions Mapping...
What I did was create a @Privileged annotation. The annotation value was
the name of the required role. You could attach this method to classes, or
to methods. @Privileged is inherited, and @Privileged("") means no special
privilege required.
For classes, it implemented/extended PageValidateListener to check the
permission.
For methods, it overrided the method to add a check before invoking super().
I extended Tapestry class and method annotation workers to handle these
annotations.
Worked like a charm.
This approach puts the logic right into the pages or methods, which is where
I think it belongs.
On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
>
> All,
>
> You guys are the experts. I have a design question. I am creating a
> tapestry/acegi integration package (parts of it are already done). What I
> need to figure out is how to decide what roles an in-coming request
> requires? If it's a PageService request, I can check the page class for a
> @RequiredRole annotation. If it's a DirectService request, I can check
> the
> method for a @RequiredRole annotation. But, how do I do this in a general
> way? Any ideas?
>
> James
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: dev-help@tapestry.apache.org
>
>
--
Howard M. Lewis Ship
Independent J2EE / Open-Source Java Consultant
Creator and PMC Chair, Apache Tapestry
Creator, Jakarta HiveMind
Professional Tapestry training, mentoring, support
and project work. http://howardlewisship.com
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
For additional commands, e-mail: dev-help@tapestry.apache.org
RE: Permissions Mapping...
Posted by James Carman <ja...@carmanconsulting.com>.
All I need is a bit of an example of your performEnhancement() methods for
your page/method annotation enhancement workers. If it's not
client-specific code, can you share?
-----Original Message-----
From: Howard Lewis Ship [mailto:hlship@gmail.com]
Sent: Wednesday, June 07, 2006 2:06 PM
To: Tapestry development
Subject: Re: Permissions Mapping...
What I did was create a @Privileged annotation. The annotation value was
the name of the required role. You could attach this method to classes, or
to methods. @Privileged is inherited, and @Privileged("") means no special
privilege required.
For classes, it implemented/extended PageValidateListener to check the
permission.
For methods, it overrided the method to add a check before invoking super().
I extended Tapestry class and method annotation workers to handle these
annotations.
Worked like a charm.
This approach puts the logic right into the pages or methods, which is where
I think it belongs.
On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
>
> All,
>
> You guys are the experts. I have a design question. I am creating a
> tapestry/acegi integration package (parts of it are already done). What I
> need to figure out is how to decide what roles an in-coming request
> requires? If it's a PageService request, I can check the page class for a
> @RequiredRole annotation. If it's a DirectService request, I can check
> the
> method for a @RequiredRole annotation. But, how do I do this in a general
> way? Any ideas?
>
> James
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: dev-help@tapestry.apache.org
>
>
--
Howard M. Lewis Ship
Independent J2EE / Open-Source Java Consultant
Creator and PMC Chair, Apache Tapestry
Creator, Jakarta HiveMind
Professional Tapestry training, mentoring, support
and project work. http://howardlewisship.com
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
For additional commands, e-mail: dev-help@tapestry.apache.org
RE: Permissions Mapping...
Posted by James Carman <ja...@carmanconsulting.com>.
Howard, how did you override the method using the
EnhancementOperation.extendMethodImplementation() method? If so, how did
you get around the *initial* call to the super implementation? You said it
did the check before the call to super.
-----Original Message-----
From: Howard Lewis Ship [mailto:hlship@gmail.com]
Sent: Wednesday, June 07, 2006 2:06 PM
To: Tapestry development
Subject: Re: Permissions Mapping...
What I did was create a @Privileged annotation. The annotation value was
the name of the required role. You could attach this method to classes, or
to methods. @Privileged is inherited, and @Privileged("") means no special
privilege required.
For classes, it implemented/extended PageValidateListener to check the
permission.
For methods, it overrided the method to add a check before invoking super().
I extended Tapestry class and method annotation workers to handle these
annotations.
Worked like a charm.
This approach puts the logic right into the pages or methods, which is where
I think it belongs.
On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
>
> All,
>
> You guys are the experts. I have a design question. I am creating a
> tapestry/acegi integration package (parts of it are already done). What I
> need to figure out is how to decide what roles an in-coming request
> requires? If it's a PageService request, I can check the page class for a
> @RequiredRole annotation. If it's a DirectService request, I can check
> the
> method for a @RequiredRole annotation. But, how do I do this in a general
> way? Any ideas?
>
> James
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: dev-help@tapestry.apache.org
>
>
--
Howard M. Lewis Ship
Independent J2EE / Open-Source Java Consultant
Creator and PMC Chair, Apache Tapestry
Creator, Jakarta HiveMind
Professional Tapestry training, mentoring, support
and project work. http://howardlewisship.com
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
For additional commands, e-mail: dev-help@tapestry.apache.org
Re: Permissions Mapping...
Posted by Howard Lewis Ship <hl...@gmail.com>.
What I did was create a @Privileged annotation. The annotation value was
the name of the required role. You could attach this method to classes, or
to methods. @Privileged is inherited, and @Privileged("") means no special
privilege required.
For classes, it implemented/extended PageValidateListener to check the
permission.
For methods, it overrided the method to add a check before invoking super().
I extended Tapestry class and method annotation workers to handle these
annotations.
Worked like a charm.
This approach puts the logic right into the pages or methods, which is where
I think it belongs.
On 6/7/06, James Carman <ja...@carmanconsulting.com> wrote:
>
> All,
>
> You guys are the experts. I have a design question. I am creating a
> tapestry/acegi integration package (parts of it are already done). What I
> need to figure out is how to decide what roles an in-coming request
> requires? If it's a PageService request, I can check the page class for a
> @RequiredRole annotation. If it's a DirectService request, I can check
> the
> method for a @RequiredRole annotation. But, how do I do this in a general
> way? Any ideas?
>
> James
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: dev-help@tapestry.apache.org
>
>
--
Howard M. Lewis Ship
Independent J2EE / Open-Source Java Consultant
Creator and PMC Chair, Apache Tapestry
Creator, Jakarta HiveMind
Professional Tapestry training, mentoring, support
and project work. http://howardlewisship.com