Hi all, new to this list..
Just started using tapestry, and I really like what I see. Our project has
decided to use tapestry and it is a relief compared to struts!
How can I tell tapestry to leave some runtime exceptions as they were and let
they trickle past the Exception page? I am using Tapestry 3.0.3. Is this
possible, or perhaps only in Tapestry 4?
I have just managed to hook acegi into tapestry, and it works well when using
url based security filter. Given the urls Tapestry generates I opted for method
based security interceptors instead, and here Tapestry gives me a challenge, as
acegi uses a family of runtime exceptions for capturing insufficient
privileges,
and redirecting the user to a login page.
For url-based security this works well, but for method based security, the
exception is thrown behind the tapestry framework when I call a method on my
spring managed service bean. Using AOP the method is never called, and a
net.sf.acegisecurity.AuthenticationCredentialsNotFoundException is thrown.
A securityEnforcmentFilter hooked into a FilterChainProxy is responsible for
catching this exception and forwarding to the login page, but tapestry is too
kind, and shows me the nice-looking exception page, and thus swallows the
exception the securityEnforcmentFilter expects.
I really hope someone can help me on this, as using method based security is a
blessing, specially combined with java annotations.
Now I this is sufficient to secure a method (and declarative transaction setup
as well), from my UserManager interface;
@SecurityConfig (value = {"ROLE_ADMIN"})
@Transactional (propagation = Propagation.SUPPORTS, readOnly = true)
List getAdministrativeUsers() throws ServiceException;
Here is the stacktrace (sorry about the garbled linex, posting though gmane,
with 80 character limit):
net.sf.acegisecurity.AuthenticationCredentialsNotFoundException
A valid SecureContext was not provided in the RequestContext
Stack Trace:
* net.sf.acegisecurity.intercept.AbstractSecurityInterceptor.
credentialsNotFound(AbstractSecurityInterceptor.java:477)
* net.sf.acegisecurity.intercept.AbstractSecurityInterceptor.
beforeInvocation(AbstractSecurityInterceptor.java:355)
* net.sf.acegisecurity.intercept.method.aopalliance.
MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:77)
* org.springframework.aop.framework.ReflectiveMethodInvocation.
proceed(ReflectiveMethodInvocation.java:144)
* org.springframework.aop.framework.JdkDynamicAopProxy.
invoke(JdkDynamicAopProxy.java:174)
* $Proxy7.getAdministrativeUsers(Unknown Source)
* no.imb.bite.useradmin.web.UserCollectionPage.
buildListEditMap(UserCollectionPage.java:55)
* no.imb.bite.useradmin.web.UserCollectionPage.
pageBeginRender(UserCollectionPage.java:81)
* org.apache.tapestry.AbstractPage.
firePageBeginRender(AbstractPage.java:463)
* org.apache.tapestry.AbstractPage.
renderPage(AbstractPage.java:293)
* org.apache.tapestry.engine.RequestCycle.
renderPage(RequestCycle.java:368)
* org.apache.tapestry.engine.AbstractEngine.
renderResponse(AbstractEngine.java:749)
* org.apache.tapestry.engine.PageService.service(PageService.java:77)
* org.apache.tapestry.engine.AbstractEngine.service(AbstractEngine.java:889)
* org.apache.tapestry.ApplicationServlet.
doService(ApplicationServlet.java:198)
* org.apache.tapestry.ApplicationServlet.doGet(ApplicationServlet.java:159)
* javax.servlet.http.HttpServlet.service(HttpServlet.java:689)
* javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
* org.apache.catalina.core.ApplicationFilterChain.
internalDoFilter(ApplicationFilterChain.java:237)
* org.apache.catalina.core.ApplicationFilterChain.
doFilter(ApplicationFilterChain.java:157)
* net.sf.acegisecurity.util.FilterChainProxy.
doFilter(FilterChainProxy.java:167)
* net.sf.acegisecurity.util.FilterToBeanProxy.
doFilter(FilterToBeanProxy.java:125)
* org.apache.catalina.core.ApplicationFilterChain.
internalDoFilter(ApplicationFilterChain.java:186)
* org.apache.catalina.core.ApplicationFilterChain.
doFilter(ApplicationFilterChain.java:157)
* org.springframework.orm.hibernate.support.OpenSessionInViewFilter.
doFilterInternal(OpenSessionInViewFilter.java:172)
* org.springframework.web.filter.OncePerRequestFilter.
doFilter(OncePerRequestFilter.java:76)
* org.apache.catalina.core.ApplicationFilterChain.
internalDoFilter(ApplicationFilterChain.java:186)
* org.apache.catalina.core.ApplicationFilterChain.
doFilter(ApplicationFilterChain.java:157)
* org.apache.catalina.core.StandardWrapperValve.
invoke(StandardWrapperValve.java:214)
* org.apache.catalina.core.StandardContextValve.
invoke(StandardContextValve.java:178)
* org.apache.catalina.valves.AccessLogValve.
invoke(AccessLogValve.java:526)
* org.apache.catalina.core.StandardHostValve.
invoke(StandardHostValve.java:126)
* org.apache.catalina.cluster.tcp.ReplicationValve.
invoke(ReplicationValve.java:129)
* org.apache.catalina.valves.ErrorReportValve.
invoke(ErrorReportValve.java:105)
* org.apache.catalina.core.StandardEngineValve.
invoke(StandardEngineValve.java:107)
* org.apache.catalina.connector.CoyoteAdapter.
service(CoyoteAdapter.java:148)
* org.apache.coyote.http11.Http11Processor.
process(Http11Processor.java:825)
* org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.
processConnection(Http11Protocol.java:731)
* org.apache.tomcat.util.net.PoolTcpEndpoint.
processSocket(PoolTcpEndpoint.java:526)
* org.apache.tomcat.util.net.LeaderFollowerWorkerThread.
runIt(LeaderFollowerWorkerThread.java:80)
* org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.
run(ThreadPool.java:684)
* java.lang.Thread.run(Thread.java:595)
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
