Re: Tapestry Security

Hi Andreas, tapestry-security (http://www.tynamo.org/tapestry-security+guide/) is a Third Party project, not an Apache Tapestry module. The source code is available on GitHub (https://github.com/tynamo/tapestry-security). Perhaps you can speed things up by cloning the project, making the

Tapestry Security

Hi, are the any Plans to Update Tapestry Security for the new Tapestry Version. With the latest i got serveral errors, like: Unable to instantiate class org.apache.tapestry5.http.modules.TapestryHttpModule as a module: Exception constructing service 'ServiceOverride': Error invoki

Re: tapestry-security 0.7.1 and tapestry-resteasy 0.5.0 released!

>> This is wonderful! Thank you very much! >> >> On Mon, Jul 2, 2018 at 3:01 PM Kalle Korhonen >> wrote: >> >>> It's that time of the year again. Actually, the community has been asking >>> these to be released for a while. Thanks to @homburgs, yo

Re: tapestry-security 0.7.1 and tapestry-resteasy 0.5.0 released!

has been asking > > these to be released for a while. Thanks to @homburgs, you can now > > contribute chains with RegExPatternMatcher to tapestry-security ( > > https://github.com/tynamo/tapestry-security/pull/50). Also, 0.7.1 is now > > using the latest version of Tapestry a

Re: tapestry-security 0.7.1 and tapestry-resteasy 0.5.0 released!

er to tapestry-security ( > https://github.com/tynamo/tapestry-security/pull/50). Also, 0.7.1 is now > using the latest version of Tapestry and I cleaned up a few annoying > default configuration errors that used to pop up in the logs( > https://github.com/tynamo/tapestry-securit

tapestry-security 0.7.1 and tapestry-resteasy 0.5.0 released!

It's that time of the year again. Actually, the community has been asking these to be released for a while. Thanks to @homburgs, you can now contribute chains with RegExPatternMatcher to tapestry-security ( https://github.com/tynamo/tapestry-security/pull/50). Also, 0.7.1 is now using the l

Re: tapestry-security 0.7.0 released!

an extended hiatus, I figured it’s time to do some releases. First >> up >> > is the old workhorse, tapestry-security. The 0.7.0 release represents a >> > true community effort, my job was mainly to merge pull requests from >> > multiple authors. Thank you @jochenberge

Re: tapestry-security 0.7.0 released!

very much! > > On Thu, Sep 14, 2017 at 7:58 PM, Kalle Korhonen < > kalle.o.korho...@gmail.com> > wrote: > > > After an extended hiatus, I figured it’s time to do some releases. First > up > > is the old workhorse, tapestry-security. The 0.7.0 release represent

Re: tapestry-security 0.7.0 released!

Awesome, Kalle! Thank you very much! On Thu, Sep 14, 2017 at 7:58 PM, Kalle Korhonen wrote: > After an extended hiatus, I figured it’s time to do some releases. First up > is the old workhorse, tapestry-security. The 0.7.0 release represents a > true community effort, my job was mainly

Re: tapestry-security 0.7.0 released!

Excellent news, thanks Kalle! On Sep 14, 2017 6:58 PM, "Kalle Korhonen" wrote: After an extended hiatus, I figured it’s time to do some releases. First up is the old workhorse, tapestry-security. The 0.7.0 release represents a true community effort, my job was mainly to merge pull req

tapestry-security 0.7.0 released!

After an extended hiatus, I figured it’s time to do some releases. First up is the old workhorse, tapestry-security. The 0.7.0 release represents a true community effort, my job was mainly to merge pull requests from multiple authors. Thank you @jochenberger, @fkretzer, @pedrocborges2, @ascandroli

Re: pac4j with tapestry-security

Take a look at the excellent tynamo-federatedaccounts module at http://www.tynamo.org/tynamo-federatedaccounts+guide/ Cheers! On Fri, Apr 28, 2017 at 1:11 AM, Tapestry wrote: > Hey all! > > I am trying to use pac4j (https://github.com/bujiio/buji-pac4j) with > tapestry-security sin

pac4j with tapestry-security

Hey all! I am trying to use pac4j (https://github.com/bujiio/buji-pac4j) with tapestry-security since my client requires SAML2. But seeing that I can't use shiro.ini, I can't come up with a way to implement. Has anybody use this library before? Thanks! Miguel

Re: Tapestry-security/shiro check for 'any' permission

19, 2017, Robin Garner wrote: > I've just about finished adding my first feature that uses object > permissions to a tapestry app (tapestry-security 0.5.1, tapestry 5.3.8). > Users are given permissions to the objects they are allowed to maintain, > when they go to the new page, only

Tapestry-security/shiro check for 'any' permission

I've just about finished adding my first feature that uses object permissions to a tapestry app (tapestry-security 0.5.1, tapestry 5.3.8). Users are given permissions to the objects they are allowed to maintain, when they go to the new page, only the objects they have permission to mai

Re: Tapestry-security CacheManager

Typically, you'd set the desired cachemanager in the realm itself, e.g.: public class UserRealm extends AuthorizingRealm { public UserRealm(...) { super(new MemoryConstrainedCacheManager()); Kalle On Wed, Dec 21, 2016 at 12:47 AM, Charlouze wrote: > Hello tapestry users, > > I wan

Tapestry-security CacheManager

Hello tapestry users, I wanted to get rid of the log message that says "*No cache or cacheManager properties have been set. Authorization cache cannot be obtained.*". I read that shiro offers an implementation of their CacheManager using EhCache so I tried to set it up. In order to set the Cache

tapestry-security 0.6.4 release addresses a serious vulnerability

r the vulnerability in [tapestry-security]( http://www.tynamo.org/tapestry-security+guide/), following a similar approach I had proposed for Shiro as well. In essence, an attacker can potentially gain access to the server using a deserialization vulnerability (see more at https://www.contrastsecurity.com/sec

Re: tapestry-security oauth authentification

Hi Charles, hope you don't mind that I moved this discussion to the tapestry users list as it may be useful for others as well. Yes, I'm right there with you. The trick to this is to override the SubjectFactory. Shiro creates a subject for all requests, authenticated or not. The principle is roughl

Re: Tapestry-security 0.6.3 and tapestry-model 0.6.0 for T5.4 released!

PM, "Kalle Korhonen" > wrote: > > > Hey all, > > > > at this time we have two T5.4 compatible release announcements to make. > > First tapestry-security 0.6.3: > > > > While working on securing an Ember frontend with Tapestry backend, I >

Re: Tapestry-security 0.6.3 and tapestry-model 0.6.0 for T5.4 released!

That's great news, thanks a lot ! As for tapestry-resteasy and tapestry-security, I had to reorder HttpServletRequestHandler and add some config to the security filter chain to secure my api. It was quite easy to do so I didn't think to tell you. Le mar. 15 déc. 2015 à 12:33, Bob Harne

Re: Tapestry-security 0.6.3 and tapestry-model 0.6.0 for T5.4 released!

cements to make. > First tapestry-security 0.6.3: > > While working on securing an Ember frontend with Tapestry backend, I > noticed that tynamo-resteasy didn't want to play well with security. I'm > fairly surprised this issue surfaced only now because tapestry-security is &g

Tapestry-security 0.6.3 and tapestry-model 0.6.0 for T5.4 released!

Hey all, at this time we have two T5.4 compatible release announcements to make. First tapestry-security 0.6.3: While working on securing an Ember frontend with Tapestry backend, I noticed that tynamo-resteasy didn't want to play well with security. I'm fairly surprised this issue sur

Re: HTTPS + tapestry-security

t add the '/' at the end of the host, > i.e. domain.tldlogin/unauthenticated. And the login form does not use > action="/login.login", it uses http:/... > > tapestry 5.4-rc-1 > tapestry-security 0.6.2 > > Bug? > > Andy > -- > ae | Andreas Ernst

HTTPS + tapestry-security

m does not use action="/login.login", it uses http:/... tapestry 5.4-rc-1 tapestry-security 0.6.2 Bug? Andy -- ae | Andreas Ernst | IT Spektrum Postfach 5, 65612 Beselich Schupbacher Str. 32, 65614 Beselich, Germany Tel: +49-6484-91002 Fax: +49-6484-91003 a...@ae-online.de | www.ae-o

Re: Tynamo Tapestry-Security - Multiple Realms - How to Change Authentication Strategy

Thanks Kalle -- you've made it easy for me!!! I added this to my AppModule and it works perfectly: @Startup public static void specifyAuthenticationStrategy(@InjectService("ModularRealmAuthenticator") ModularRealmAuthenticator mra) { mra.setAuthenticationStrategy(new F

Re: Tynamo Tapestry-Security - Multiple Realms - How to Change Authentication Strategy

On Sun, Dec 21, 2014 at 8:55 AM, Charles Karow wrote: > I'm using Tynamo Tapestry-Security 0.6.0 with Tapestry 5.4, and finding it > a very useful tool!! > I am implementing two realms for two different classes of users that are > stored in different tables in the databa

Tynamo Tapestry-Security - Multiple Realms - How to Change Authentication Strategy

I'm using Tynamo Tapestry-Security 0.6.0 with Tapestry 5.4, and finding it a very useful tool!! I am implementing two realms for two different classes of users that are stored in different tables in the database; both will use username/password authentication, and thus the same authentic

Re: [tapestry-security] PageService return page

OK cool, thx for quick response!! On 12/11/2014 3:03 pm, "Kalle Korhonen" wrote: > On Tue, Nov 11, 2014 at 7:48 PM, Chris Mylonas wrote: > > > Hi Tapestry Users, > > I'm porting some 5.3 (tapestry-security 0.5.1) to 5.4 (tapestry-security > > 0.6.2). >

Re: [tapestry-security] PageService return page

On Tue, Nov 11, 2014 at 7:48 PM, Chris Mylonas wrote: > Hi Tapestry Users, > I'm porting some 5.3 (tapestry-security 0.5.1) to 5.4 (tapestry-security > 0.6.2). > In my Signin page, there's a declaration to > import org.tynamo.security.services.PageService ; > which

[tapestry-security] PageService return page

Hi Tapestry Users, I'm porting some 5.3 (tapestry-security 0.5.1) to 5.4 (tapestry-security 0.6.2). In my Signin page, there's a declaration to import org.tynamo.security.services.PageService ; which is no longer found/available in 0.6.x What happened to it? (or where

Re: Session Cookie Remains after Tapestry Security Logout

t causes the > cookie > > > to remain? > > > > > > First of all, requesting an invalid session should not have been logged > > as > > an error - it's a completely normal for a web application - a WARN or > > simply DEBUG would have suited much b

Re: Session Cookie Remains after Tapestry Security Logout

> First of all, requesting an invalid session should not have been logged > as > an error - it's a completely normal for a web application - a WARN or > simply DEBUG would have suited much better (you could open an issue with > Wadi on that). Anyway, tapestry-security doesn't exp

Re: Session Cookie Remains after Tapestry Security Logout

y normal for a web application - a WARN or simply DEBUG would have suited much better (you could open an issue with Wadi on that). Anyway, tapestry-security doesn't explicitly remove JSESSIONID cookie on logout. It just invalidates the session and removes the rememberMe cookie. I didn't see th

Session Cookie Remains after Tapestry Security Logout

Hi Everyone! I am developing an application using Tapestry 5.4-beta-22 & Tapestry-Security 0.6.2. The Tapestry framework and the Tapestry-Security module have made my life a lot easier, and for that I am really grateful. I am writing to seek your generous input on an issue regarding the ses

Re: Tapestry-security 0.6.2 released!

Okay great, Thanks Kalle. On Mon, Oct 27, 2014 at 12:02 PM, Kalle Korhonen wrote: > On Mon, Oct 27, 2014 at 8:51 AM, George Christman > > wrote: > > > Sorry Kalle, it's still not entirely clear to me what I should be doing. > > Your saying LoginContextService is internal? Is there another way t

Re: Tapestry-security 0.6.2 released!

On Mon, Oct 27, 2014 at 8:51 AM, George Christman wrote: > Sorry Kalle, it's still not entirely clear to me what I should be doing. > Your saying LoginContextService is internal? Is there another way to access > getXxxURL then? Also, how do we handle redirectedToSavedRequest now? At > You handle

Re: Tapestry-security 0.6.2 released!

Sorry Kalle, it's still not entirely clear to me what I should be doing. Your saying LoginContextService is internal? Is there another way to access getXxxURL then? Also, how do we handle redirectedToSavedRequest now? At some point when you get everything ironed out it might be helpful to present t

Re: Tapestry-security 0.6.2 released!

On Mon, Oct 27, 2014 at 7:30 AM, George Christman wrote: > That's great Kalle. Thanks > > Question, I see you deprecated some methods, but I'm not seeing any > documentation on the new usage. I'm using the following code and I'm seeing > getSuccessPage() and getLoginPage() has been deprecated. I

Re: Tapestry-security 0.6.2 released!

That's great Kalle. Thanks Question, I see you deprecated some methods, but I'm not seeing any documentation on the new usage. I'm using the following code and I'm seeing getSuccessPage() and getLoginPage() has been deprecated. I think I read something about about getLoginPage() being replaced by

Re: Tapestry-security 0.6.2 released!

Toot toot!

Tapestry-security 0.6.2 released!

in 0.6.1. Fixed and added another enhancement well. - ContextPath is inconsistently saved as part of the savedRequest #15 <https://github.com/tynamo/tapestry-security/issues/15> - Access to /modules/** and /modules.gz/** should be allowed by default #14 <https://github.c

Re: Tapestry-security 0.6.1 released!

ed the following enhancements: > > > > > >- Session timeout, Login, POST form resubmission fails #7 > > ><https://github.com/tynamo/tapestry-security/issues/7> > > >- Redirecting to saved XHR url can lead to Exceptions #6 > > >

Re: Tapestry-security 0.6.1 released!

n the latest T5.4-beta-22 rail. Our rail engineers > have > > been hard at work and delivered the following enhancements: > > > >- Session timeout, Login, POST form resubmission fails #7 > ><https://github.com/tynamo/tapestry-security/issues/7> > >

Re: Tapestry-security 0.6.1 released!

ancements: > >- Session timeout, Login, POST form resubmission fails #7 ><https://github.com/tynamo/tapestry-security/issues/7> >- Redirecting to saved XHR url can lead to Exceptions #6 > <https://github.com/tynamo/tapestry-security/issues/6> >- add German mes

Tapestry-security 0.6.1 released!

amo/tapestry-security/issues/7> - Redirecting to saved XHR url can lead to Exceptions #6 <https://github.com/tynamo/tapestry-security/issues/6> - add German messages for the login form #5 <https://github.com/tynamo/tapestry-security/pull/5> - Upgrade security.loginForm

Re: Tynamo tapestry-security 0.6.0 in a v2.5 servlet container

Oct 2, 2014 at 4:11 PM, Jon Williams wrote: > Hi Kalle, > > I have tapestry-security 0.6.0 working successfully in GAE with > tapestry5.4 beta 22. > My problem was due to an oversight in my code which was quasi-impossible > to isolate from just looking at GAE logs. > Finally

Re: Tynamo tapestry-security 0.6.0 in a v2.5 servlet container

Hi Kalle, I have tapestry-security 0.6.0 working successfully in GAE with tapestry5.4 beta 22. My problem was due to an oversight in my code which was quasi-impossible to isolate from just looking at GAE logs. Finally broke down and got the app running locally in a debugger today and fixed my

Re: Tynamo tapestry-security 0.6.0 in a v2.5 servlet container

lure, I'll be happy to assist getting tapestry-security running on GAE. Kalle On Sun, Sep 14, 2014 at 3:28 PM, Jon Williams wrote: > Hi Kalle, (& y'all) > > I see your tapestry-security 0.6.0 has a dependency on the v3.0 servlet > spec. > I know 0.5.1 had it too, bec

Tynamo tapestry-security 0.6.0 in a v2.5 servlet container

Hi Kalle, (& y'all) I see your tapestry-security 0.6.0 has a dependency on the v3.0 servlet spec. I know 0.5.1 had it too, because I have an app running with it in a v3 servlet container that works fine and dandy. I am trying to work tapestry-security 0.6.0 into another app that's

Re: tapestry-security looking for sample code

Chris! :D Here's it: https://github.com/thiagohp/eloquentia. I was learning Tapestry Security and Apache Shiro on the fly, one piece at a time, implementing authentication then authorization. The key for learning Tapestry Security is to remember that's an integration of Apache Shiro, a

Re: tapestry-security looking for sample code

rge.net/hibernate-configuration-3.0.dtd"; > > Little things but they took me a while to find. :) > > Tim > > > > On 5 Aug 2014, at 12:51, Chris Mylonas wrote: > > Blog entry from previous reply seeing as it is out in the ether now :) > Sorry for spamming list >

Re: tapestry-security looking for sample code

ther now :) > Sorry for spamming list > > http://www.mrvoip.com.au/blog/tapestry-security-howto-notes > > Chris > > > On Tue, Aug 5, 2014 at 12:27 PM, Chris Mylonas wrote: > >> And here's some notes from my wiki for a tapestry-security file based auth >&

Re: tapestry-security looking for sample code

Thanks Chris This is really helpful. Getting an error that I can't parse hibernate.cfg.xml at the moment but I should be able to work it out. Tim On 5 Aug 2014, at 12:27, Chris Mylonas wrote: > And here's some notes from my wiki for a tapestry-security file based auth > a

Re: tapestry-security looking for sample code

mples. The concepts are largely the same whether you use JPA or Hibernate. Kalle On Mon, Aug 4, 2014 at 6:42 PM, D Tim Cummings wrote: > I am having a look at the tapestry-security guide at > http://tynamo.org/tapestry-security+guide and several of the links are > broken > > Hib

Re: tapestry-security looking for sample code

Blog entry from previous reply seeing as it is out in the ether now :) Sorry for spamming list http://www.mrvoip.com.au/blog/tapestry-security-howto-notes Chris On Tue, Aug 5, 2014 at 12:27 PM, Chris Mylonas wrote: > And here's some notes from my wiki for a tapestry-security file ba

Re: tapestry-security looking for sample code

And here's some notes from my wiki for a tapestry-security file based auth and hibernate for entities. I'm also in +10 timezone down in Sydney - so the replies will come later in the day usually :) Skeleton - Create quickstart tapestry archetype [edit <https://bondiwiki.

Re: tapestry-security looking for sample code

, "D Tim Cummings" wrote: > I am having a look at the tapestry-security guide at > http://tynamo.org/tapestry-security+guide and several of the links are > broken > > Hibernate-based entity realm (service) > <http://svn.codehaus.org/tynamo/trunk/tynamo-federatedaccount

tapestry-security looking for sample code

I am having a look at the tapestry-security guide at http://tynamo.org/tapestry-security+guide and several of the links are broken Hibernate-based entity realm (service) points to http://svn.codehaus.org/tynamo/trunk/tynamo-federatedaccounts/tynamo-federatedaccounts-core/src/test/java/org

Re: Tapestry-Security @RequiresPermission("xxx:yyy:zzz") on class

On Sun, 22 Jun 2014 22:56:46 -0300, Chris Mylonas wrote: Ah bugger, it always happens after sending to a list or forum. Found a suitable response to try from Listing 3.25 from Igor's book. e.g. Object onActivate(Long articleId) { this.article = blogService.findArticleById(articleId);

Re: Tapestry-Security @RequiresPermission("xxx:yyy:zzz") on class

On Sun, 22 Jun 2014 22:51:46 -0300, Chris Mylonas wrote: Hi Tapestry Users, Hi! Whilst waiting for customs clearance in a Fijian port, I have a query. Sounds fun! :P In my else, I'd like to redirect to a page, "you don't have permissions for this action". All examples I've come acr

Re: Tapestry-Security @RequiresPermission("xxx:yyy:zzz") on class

Ah bugger, it always happens after sending to a list or forum. Found a suitable response to try from Listing 3.25 from Igor's book. e.g. Object onActivate(Long articleId) { this.article = blogService.findArticleById(articleId); if (this.article == null) { return new StreamPa

Tapestry-Security @RequiresPermission("xxx:yyy:zzz") on class

Hi Tapestry Users, Whilst waiting for customs clearance in a Fijian port, I have a query. I'm extending my sample application's use of security for experimenting with. I have a UserProfile class currently with annotation @RequiresRoles("admin") and that works great. Using @RequiresPermissions h

Re: Tapestry Security Login?

I am confused it works! On Sat 14 Jun 2014 11:42:38 AM CEST, jeremias.epp...@web.de wrote: > Hello, > > I have a problem with the Tapestry Security Login. The Custom Realm and > the configuration works fine on a desktop app. > But on the web it does not work. If i type in my userna

Tapestry Security Login?

Hello, I have a problem with the Tapestry Security Login. The Custom Realm and the configuration works fine on a desktop app. But on the web it does not work. If i type in my username and password, the custom realm loads the user, but the forwarding sends me to MyApp/login/authentication instead

Re: Tapestry Security: transform shiro.ini to Tapestry Security

On Mon, Jun 9, 2014 at 2:56 AM, jeremias.epp...@web.de < jeremias.epp...@web.de> wrote: > Hello, > > I have a problem with Tapestry Security and I hope it is okay if I ask > the question over the tapestry mailing list. > My Problem is that I don't know how I can tran

Tapestry Security: transform shiro.ini to Tapestry Security

Hello, I have a problem with Tapestry Security and I hope it is okay if I ask the question over the tapestry mailing list. My Problem is that I don't know how I can transform my working shiro.ini to Tapestry Security. I use Apache Shiro, allready for the desktop part of my application,

Re: going from loop component to grid + tapestry-security = hide columns for non-admin user & grid + zebra-like effect using object.attribute

Ah rowClass - I'll check that. Its past midnight and I'm about to retire for the night. As for binding to a parameter, I didn't think to do that in the page class. I've been focussing on the template. Will give it a shot next opportunity. Thank for the quick suggestions, now I probably won't get

Re: going from loop component to grid + tapestry-security = hide columns for non-admin user & grid + zebra-like effect using object.attribute

Hi. Can't you bind the exclude parameter of the grid to a method that excludes extra columns, if the user is not logged in? - And i think that you may be looking for rowClass parameter of the grid, not class. I would suggest that you take a look at the documentation for the grid... http://tapest

going from loop component to grid + tapestry-security = hide columns for non-admin user & grid + zebra-like effect using object.attribute

Hi Tapsters, I'm converting an old table with a t:Loop component into a t:Grid component. I used to have a table that hid the username/password columns and now for a non-admin user with the grid the columns show. You can see the code below. Would I have to define the inside a block to get the

Re: Possible zone bug with tapestry-security 0.6.0

plete implementation. Conceivably, your page could also be unprotected but the action request is protected so it gets a bit hairy. You can always work around it though by returning a pre-defined success url. The open issue https://github.com/tynamo/tapestry-security/issues/2 is related. Kalle On Wed

Possible zone bug with tapestry-security 0.6.0

Hi guys, I encountered the following behavior and I'm not sure if I'm doing something incorrectly or if it's a bug. My user session expired while leaving my page open. I later came back to the page and clicked one of my zone links. Rightfully so, it redirected me to the login page, however once I

Re: Tapestry-security 0.6.0 relased!

Nice, I like it :). Now I can work on my security issues. On 26.03.2014 18:22, Kalle Korhonen wrote: As hinted earlier, our first T5.4 compatible module, tapestry-security is released. This release is primarily for compatibility, although I threw in one, non-backwards compatible enhancements

Tapestry-security 0.6.0 relased!

As hinted earlier, our first T5.4 compatible module, tapestry-security is released. This release is primarily for compatibility, although I threw in one, non-backwards compatible enhancements for optimized rememberMe cookies because I felt it was the right time. The source has moved to Github

Re: Problem with the Tapestry-Security Testapp

d technically run the test app via run-jetty-run > but it's not a good example security configuration. I leave creating a > running configuration as a task for you but I bet in your logs, you have a > line similar to this: "Excluded > entry=.../personal/git-tynamo/tapestry-s

Re: Problem with the Tapestry-Security Testapp

ample security configuration. I leave creating a running configuration as a task for you but I bet in your logs, you have a line similar to this: "Excluded entry=.../personal/git-tynamo/tapestry-security/target/test-classes". Perhaps https://github.com/tynamo/tynamo-example-federatedaccou

Problem with the Tapestry-Security Testapp

Hi All, I am still relatively new to Tapestry but I have built simple things for proof-of-concept using Tapestry (the latest 5.4-beta-3). I am now looking at incorporating security requirements by leveraging the Tapestry-Security project (latest version 0.6.1-SNAPSHOT). I have it set up in

Tapestry 5.4 / Tapestry-Security rewrite url

Hi guys, is there away to rewrite the tapestry-security redirect URL removing the unauthenticated part? I'd rather see it redirect to a clean login url. -- George Christman www.CarDaddy.com P.O. Box 735 Johnstown, New York

Re: tapestry-security: authentication on rememberme

Hi, thanks Lenny for your suggestion. I already saw this project yesterday. As it does more than i need, i decided me against it. Maybe i will have a look on it when i have more time. Thanks Kalle, overriding the SubjectFactory works perfectly. I will have a look on the RollingToken, it sounds in

Re: tapestry-security: authentication on rememberme

On Tue, Jul 9, 2013 at 10:55 AM, D.R. wrote: > i want to use the rememberme for a failover. I have overridden the > org.apache.shiro.web.mgt.CookieRememberMeManager to build my rememberme > cookies the way i want. As shiro does not support login on rememberme > out of the box, i want to ask where

Re: tapestry-security: authentication on rememberme

The FlowLogix library supports Tapestry-Security login with remember me out of the box: http://code.google.com/p/flowlogix On Jul 9, 2013, at 1:55 PM, D.R. wrote: > Hi @all, > > i want to use the rememberme for a failover. I have overr

tapestry-security: authentication on rememberme

Hi @all, i want to use the rememberme for a failover. I have overridden the org.apache.shiro.web.mgt.CookieRememberMeManager to build my rememberme cookies the way i want. As shiro does not support login on rememberme out of the box, i want to ask where the best place is to do the subject.login()?

Re: Tapestry Security / page instance / invocation question

On 06/04/2013 11:03 AM, Dmitry Gusev wrote: Just a note that you always can write your own component like this if you want: That's probably the better long term solution for my environment. On Tue, Jun 4, 2013 at 7:50 PM, Richard Frovarp wrote: That would work. The trick is that I need

Re: Tapestry Security / page instance / invocation question

quot; + instance.getId(); >> } >> >> will this work? >> >> On Thu, May 30, 2013 at 8:29 PM, Richard Frovarp > >wrote: >> >> I'm using the Tynamo tapestry-security library to great success. I've >>> been >>> progressing through t

Re: Tapestry Security / page instance / invocation question

etMyPermission() { return "some:permission:" + instance.getId(); } will this work? On Thu, May 30, 2013 at 8:29 PM, Richard Frovarp wrote: I'm using the Tynamo tapestry-security library to great success. I've been progressing through the instance level pieces and things are going well

Re: Tapestry Security / page instance / invocation question

2013 at 8:29 PM, Richard Frovarp wrote: > I'm using the Tynamo tapestry-security library to great success. I've been > progressing through the instance level pieces and things are going well. > > I've ran into a bit of a problem however. I can do the instance level >

Tapestry Security / page instance / invocation question

I'm using the Tynamo tapestry-security library to great success. I've been progressing through the instance level pieces and things are going well. I've ran into a bit of a problem however. I can do the instance level checks with @RequiresPermissions on functions jus

Re: integration of tapestry-security gives a dependency cycle

ok, seems that another lib is causing this error and not tapestry-security itself. kind regards david On 27.05.2013 09:04, D.R. wrote: > Hi @all, > > i try to add tapestry-security and have provided the two contributions > described on their homepage: > http://tynamo.org/ta

integration of tapestry-security gives a dependency cycle

Hi @all, i try to add tapestry-security and have provided the two contributions described on their homepage: http://tynamo.org/tapestry-security+guide Accessing my page gives me a warning: [WARN] TapestryModule.ComponentRequestHandler Unable to add 'SecurityFilter' as a dep

Re: tapestry-security 0.5.1 released

re but never announced. 0.5.1 is the new stable release for >>> T5.3.x. Unfortunately though, 0.5.1 will not work with the upcoming T5.4. >>> It does compile and about half of the tests succeed but the ajax >> interfaces >>> are changed enough that there will likely b

Re: tapestry-security 0.5.1 released

pile and about half of the tests succeed but the ajax > interfaces > > are changed enough that there will likely be some issues. Well, at least > we > > have something to do for the next release. See > > http://tynamo.org/tapestry-security+guide for more info. >

Re: tapestry-security 0.5.1 released

mething to do for the next release. See > http://tynamo.org/tapestry-security+guide for more info. > > Bug > [TYNAMO-176] - Incorrect redirect to login page in case of ajax request > > Improvement > [TYNAMO-125] - Else block for the security components > [TYNAMO-19

tapestry-security 0.5.1 released

. It does compile and about half of the tests succeed but the ajax interfaces are changed enough that there will likely be some issues. Well, at least we have something to do for the next release. See http://tynamo.org/tapestry-security+guide for more info. Bug [TYNAMO-176] - Incorrect redirect to

Re: anybody using tapestry-security ?

On 03/15/2013 11:35 PM, nhhockeyplayer nashua wrote: One of my issues as I understand this framework is defining access to the application. configuration.add(factory.createChain("/**").add(factory.authc()).build()); the above statement was imposing authentication on everything and actuall

RE: anybody using tapestry-security ?

configuration.add(factory.createChain("/roles/anonymous/**").add(factory.roles(), "anonymous").build()); configuration.add(factory.createChain("/roles/administrator/**").add(factory.roles(), "administrator").build()); configuration.add(factory.createChain("/perms/create/**").add(factory.perms(),

Re: Tapestry security Tynamo vs filter+service

+1 for tapestry-security. This module is excellent and very well documented. The key is, indeed to understanding Shiro, and T-security is just a very lightweight front-end/configuration module for Shiro. On Nov 8, 2012, at 9:45 AM, Richard Frovarp wrote: > On 11/08/2012 07:29 AM, John wr

Re: Tapestry security Tynamo vs filter+service

On 11/08/2012 07:29 AM, John wrote: I've been looking at Tynamo tapestry-security and while it is feature rich, it seems complex and not documented or with detailed enough with full examples for me to follow. So I am trying to implement the RequiresLoginFilter code HLS provided.

Re: Tapestry security Tynamo vs filter+service

On Thu, 08 Nov 2012 11:29:57 -0200, John wrote: I've been looking at Tynamo tapestry-security and while it is feature rich, it seems complex and not documented or with detailed enough with full examples for me to follow. I've never used it, but the documentation states quite cl

Tapestry security Tynamo vs filter+service

I've been looking at Tynamo tapestry-security and while it is feature rich, it seems complex and not documented or with detailed enough with full examples for me to follow. So I am trying to implement the RequiresLoginFilter code HLS provided. This requies implementing authService.isLog

Re: Tynamo tapestry-security Instance-Level Access Control?

control is a very interesting topic to me. I say > >>>> you are pretty much on the right track if you want to use the > >>>> permission model. You wouldn't *necessarily* need to change anything > >>>> in Shiro if you just did programmatic checks wit

  1   2   3   >