Re: Best pratice - CRUD Security - Tapestry 4.0

Tue, 16 May 2006 09:20:15 -0700

That's wright, and the ACEGI feature list looks promisingly but I don't use spring up to now, only tapestry & hibernate, and I don't want to maintain to many references to external libraries. If the requirements can be easily fulfilled with the combination of already used libraries I'm taking this way. But nevertheless it's good to know about many ways... Requirements are changing...
By the way, I like the tapestry user list. I should have started to watch it a couple of month earlier ... 

Brian K. Wallace schrieb:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This is where I stick with ACEGI being unobtrusive. Not discounting any
other method of doing it at all, but I found that with ACEGI I add a
hook into "login/logout" pages and there's no other intrusion into my
Tapestry applications outside the configuration file (aka: no
"isUserInRole("...")" of any kind.

Again - one size doesn't fit all - especially with security. Take the
"easiest way for you" as long as it foots the bill and you're usually
alright.

Lothar Reisinger wrote:

It's Tomcat security in combination with a PageValidateListener that
solves this problem for me. In each page that needs special security
there is a call to request.isUserInRole("..."). If the user isn't
allowed, a PageRedirectException is thrown to redirect to an allowed
page or to the error page.


Carl Pelletier wrote:

Hi everyone, I'm currently building a web site and looking for
documentations on how-to or best practice of implementing Role
security in Tapestry 4.0.

It`s a Simple CRUD application and we need to give some security to
users.
What the best way of doing it? Using the Tomcat security? Creating my
own?

Thanks for any help!


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)

iD8DBQFEafOpaCoPKRow/gARAmlQAKDWEShBV8uLehNby76wH8EwdClD5ACfa2qo
B/VWA+BF/eB5K+SddhYAgfA=
=L2q/
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]























					Reply via email to