riginal Message-
From: Chris Lewis [mailto:[EMAIL PROTECTED]
Sent: Wednesday, August 20, 2008 10:04 PM
To: Tapestry users
Subject: Re: Trying to Implement RedirectException in Tapestry 5
Ben Wong wrote:
> I decided against the dispatcher approach for the reasons ville.virtanen
> brough
Ben Wong wrote:
> I decided against the dispatcher approach for the reasons ville.virtanen
> brought up. The dispatcher will have to know what pages are secured and
> which aren't.
>
>
Whatever authentication system you use will be burdened with the same
issue. After all it is a critical var
L PROTECTED]
Sent: Wednesday, August 20, 2008 9:30 AM
To: Tapestry users
Subject: Re: Trying to Implement RedirectException in Tapestry 5
I love the dispatcher approach for this, I like it simply because it removes
security concerns from pages and is lightweight and customizable.
- Origin
Yea - to quote you from http://issues.apache.org/jira/browse/TAPESTRY-647
"Which just goes to show why using exceptions for this kind of control
flow really is a bad idea! I'll fix it on my next framework, promise!"
:)
On Wed, Aug 20, 2008 at 3:45 AM, Howard Lewis Ship <[EMAIL PROTECTED]> wrote:
-
From: Peter Stavrinides [mailto:[EMAIL PROTECTED]
Sent: Wednesday, August 20, 2008 9:30 AM
To: Tapestry users
Subject: Re: Trying to Implement RedirectException in Tapestry 5
I love the dispatcher approach for this, I like it simply because it removes
security concerns from pages and is light
, not the
standard tapestry one. I don't know if this makes a difference.
Thanks,
Ben
-Original Message-
From: 9902468 [mailto:[EMAIL PROTECTED]
Sent: Wednesday, August 20, 2008 6:23 AM
To: users@tapestry.apache.org
Subject: Re: Trying to Implement RedirectException in Tapestry
Em Wed, 20 Aug 2008 11:55:03 -0300, Markus Joschko
<[EMAIL PROTECTED]> escreveu:
Just want to throw in a non security related use case. Imagine a
wizard where the user jumps to the url of step3 before completing
step1.
A dispatcher approach would be overkill and the onactivate method
seems to
pages and is lightweight and customizable.
>
>
> - Original Message -
> From: "9902468" <[EMAIL PROTECTED]>
> To: users@tapestry.apache.org
> Sent: Wednesday, 20 August, 2008 4:30:05 PM GMT +02:00 Athens, Beirut,
> Bucharest, Istanbul
> Subject: Re:
05 PM GMT +02:00 Athens, Beirut,
Bucharest, Istanbul
Subject: Re: Trying to Implement RedirectException in Tapestry 5
On a side note, it's a bad thing to hard code allowed roles to page, we use a
service that is queried if this role is allowed to access this page (Or
execute this action.).
On a side note, it's a bad thing to hard code allowed roles to page, we use a
service that is queried if this role is allowed to access this page (Or
execute this action.). That way we can have role - rights matrix that can be
administrated by the super user of the system. (Info can be on a file o
I've used Spring with T4 and it has it's merits, but Spring was outvoted for
our two next projects as the projects are small scale and there is always
overhead when using spring. (Trying to keep the technology stack as small as
possible to make "clean" software.)
So we have to make do with T5 + i
Em Wed, 20 Aug 2008 09:38:36 -0300, 9902468 <[EMAIL PROTECTED]>
escreveu:
One possibility yes, but that approach requires to keep a list of secured
pages to allow un-authorized users access non-secure pages.
(Pages could of course be annotated to be secure or use marker
interface.)
That's
One possibility yes, but that approach requires to keep a list of secured
pages to allow un-authorized users access non-secure pages.
(Pages could of course be annotated to be secure or use marker interface.)
And your approach occurs earlier in the request cycle... Thanks for the
pointer!
-99
Em Wed, 20 Aug 2008 08:23:12 -0300, 9902468 <[EMAIL PROTECTED]>
escreveu:
I have also noticed that onActivate is a bad place to check general
access rights as you cannot be sure that the check implemented to base
class is not overridden or if developer uses one of the
onActivate(param) va
On Wed, Aug 20, 2008 at 2:45 AM, Howard Lewis Ship <[EMAIL PROTECTED]> wrote:
> Using exceptions for control flow was never one of Tapestry great
> ideas; that's why its gone in Tapestry 5. Exceptions are exceptions,
> representing things that have failed.
>
> In any case, the activate event is a
I personally do use exception if user does not have enough rights, after all,
that is exception, and not the intended flow of usage. (And is usually sign
that someone is trying to gain rights that are not intended for that
person.)
I have also noticed that onActivate is a bad place to check gener
Using exceptions for control flow was never one of Tapestry great
ideas; that's why its gone in Tapestry 5. Exceptions are exceptions,
representing things that have failed.
In any case, the activate event is a good place to perform checks.
The return vaslue from onActivate() (the name of the even
17 matches
Mail list logo