-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This is where I stick with ACEGI being unobtrusive. Not discounting any
other method of doing it at all, but I found that with ACEGI I add a
hook into "login/logout" pages and there's no other intrusion into my
Tapestry applications outside the configuration file (aka: no
"isUserInRole("...")" of any kind.
Again - one size doesn't fit all - especially with security. Take the
"easiest way for you" as long as it foots the bill and you're usually
alright.
Lothar Reisinger wrote:
> It's Tomcat security in combination with a PageValidateListener that
> solves this problem for me. In each page that needs special security
> there is a call to request.isUserInRole("..."). If the user isn't
> allowed, a PageRedirectException is thrown to redirect to an allowed
> page or to the error page.
>
>
> Carl Pelletier wrote:
>> Hi everyone, I'm currently building a web site and looking for
>> documentations on how-to or best practice of implementing Role
>> security in Tapestry 4.0.
>>
>> It`s a Simple CRUD application and we need to give some security to
>> users.
>> What the best way of doing it? Using the Tomcat security? Creating my
>> own?
>>
>> Thanks for any help!
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>> For additional commands, e-mail: [EMAIL PROTECTED]
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)
iD8DBQFEafOpaCoPKRow/gARAmlQAKDWEShBV8uLehNby76wH8EwdClD5ACfa2qo
B/VWA+BF/eB5K+SddhYAgfA=
=L2q/
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
