At Thu, 07/04/2005 в 03:40 +0200, IT Service Pahne wrote: > Hello, > > I am planning to build a fairly complex application with > Springframework, Hibernate and Tapestry. (Done that before, so no > problem so far). > > The new application has strong requirements concerning security, and so > I had a look at the Acegi Security framework. Seems like a natural > choice, because I am using Springframework already. > > When I looked through the Acegi reference I found, that it relies on > URLs for declarative security, the HttpSession for storing UserDetails > objects, servlet filters and JSPs for login forms and such things. > > Because I am using Tapestry for almost a year now, I forgot about > HttpSession, JSPs and stuff like that. I would like to know, if anybody > has used Acegi with Tapestry succesfully, and if there is sth. like a > howto out there? > > I already found the HISPACTA sample application, but looking at the > HISPACTA source did not help me much. I am that type of guy, that needs > a bit more to read through than a sample application.
Im using Acegi with Tapestry and can tell that you don't need to woark directly with http session or use JSP. All that you need to do: - initialize Visit object with acegi authentication results (on successful auth offcourse). in tapestry 3.0 ive used overloaded Engine.setupForRequest(...) for this. - limit access to pages. By example, ive used pageValidate(...) for checking can user access to page i use Acegi for limiting access to some tapestry pages (now only by authenticated or not, but im planning to implement role based access to pages) and limit access to business logic by user roles. First app used Tapestry 3.0.1, Spring 1.1rc, Acegi 0.6 Now developing new applications on Tapestry 3.1-alpha, Spring 1.2 and Acegi 0.8.1 -- Roman Krutyakov --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
