You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tapestry.apache.org by Richard Hill <ri...@su3analytics.com> on 2010/10/05 17:01:57 UTC
T5.1 - authenticating page access & contributing a sevice
Hi All,
I know there has been some discussion on best approaches in tapestry for
authenticating access to web pages, so apologies if i have missed the
answer to this:
Initially I was tempted by the simplest approach - that is just store
some "UserState" in the session via @SessionState and check this in
onActivate().
However I feel using a "@RequiresLogin" annotation approach is a little
more robust. I've been following Howard's tutorial here:
http://tapestryjava.blogspot.com/2009/12/securing-tapestry-pages-with.html
Now my question is two-fold:
1) How do I define and contribute a service in tapestry?
2) How does this guy know that the user _is_ authenticated? Should my
service cache logged-in users itself, or can it access the session?
Thanks for help,
Richard.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: T5.1 - authenticating page access & contributing a sevice
Posted by Richard Hill <ri...@su3analytics.com>.
Hi Thiago,
That's tremendous, thanks for the help.
R.
-----Original Message-----
From: Thiago H. de Paula Figueiredo <th...@gmail.com>
Reply-to: "Tapestry users" <us...@tapestry.apache.org>
To: Tapestry users <us...@tapestry.apache.org>
Subject: Re: T5.1 - authenticating page access & contributing a sevice
Date: Tue, 05 Oct 2010 12:28:41 -0300
On Tue, 05 Oct 2010 12:01:57 -0300, Richard Hill <ri...@su3analytics.com>
wrote:
> Hi All,
Hi!
> Now my question is two-fold:
>
> 1) How do I define and contribute a service in tapestry?
Using Tapestry IoC:
http://tapestry.apache.org/tapestry5.1/tapestry-ioc/service.html.
> 2) How does this guy know that the user _is_ authenticated? Should my
> service cache logged-in users itself, or can it access the session?
Both options sound the same to me. In your RequestFilter (or any other
class that isn't a page, component or mixin), use the
ApplicationStateManager service to get or set the value of a given class
persisted using @SessionState.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: T5.1 - authenticating page access & contributing a sevice
Posted by "Thiago H. de Paula Figueiredo" <th...@gmail.com>.
On Tue, 05 Oct 2010 12:01:57 -0300, Richard Hill <ri...@su3analytics.com>
wrote:
> Hi All,
Hi!
> Now my question is two-fold:
>
> 1) How do I define and contribute a service in tapestry?
Using Tapestry IoC:
http://tapestry.apache.org/tapestry5.1/tapestry-ioc/service.html.
> 2) How does this guy know that the user _is_ authenticated? Should my
> service cache logged-in users itself, or can it access the session?
Both options sound the same to me. In your RequestFilter (or any other
class that isn't a page, component or mixin), use the
ApplicationStateManager service to get or set the value of a given class
persisted using @SessionState.
--
Thiago H. de Paula Figueiredo
Independent Java, Apache Tapestry 5 and Hibernate consultant, developer,
and instructor
Owner, Ars Machina Tecnologia da Informação Ltda.
http://www.arsmachina.com.br
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org