ok, looks like i made it wrong
In a previous thread, you said that this component requires "zero
configuration", so i just put a dependency on my pom.xml, but it's still
just like before (i.e i still can access, let's say, a 'file.xyz' inside my
app).

am i missing something?

2007/11/28, Robert Zeigler <[EMAIL PROTECTED]>:
>
> The dispatcher, itself, blocks nothing.
> It delegates to the authorizers. The last authorizer in the chain is a
> whitelist, which whitelists
> each of the (known) tapestry assets.  I would be curious to know what
> resources you were able to access.
>
> Robert
>
> On Nov 28, 2007, at 11/289:31 AM , Marcelo Lotif wrote:
>
> > Hi Robert,
> > I try this component here, but many things are still available. What
> > specifically this dispatcher blocks by default?
> >
> > 2007/11/27, Robert Zeigler <[EMAIL PROTECTED]>:
> >>
> >> Hi All,
> >>
> >> I've updated AssetProtectionDispatcher both in Tassel (
> >> http://www.tapestrycomponents.org
> >> ) and in the maven repo mentioned in the AssetProtectionDispatcher
> >> "notes" on Tassel.  Current version is now 0.0.3.
> >> The new version includes updated default entries to the
> >> WhitelistAuthorizer to handle some tapestry assets that weren't
> >> properly handled before.  It also includes a new RegexAuthorizer that
> >> takes an ordered list of regular expressions (as strings; yes, the
> >> service will pre-compile them to patterns) to match against. If a
> >> resource matches a provided regex, access to the asset is allowed.
> >> Otherwise, authorization falls through to the whitelist authorizer.
> >> The default configuration contains NO contributions to the regex
> >> authorizer at the moment.  For most projects, a contribution along
> >> the
> >> lines of:
> >>
> >> contributeRegexAuthorizer(Configuration<String> conf) {
> >>         conf.add("^.*\\.png$");
> >>         conf.add("^.*\\.jpg$");
> >>         conf.add("^.*\\.jpeg$");
> >>         conf.add("^.*\\.js$");
> >>         conf.add("^.*\\.css$");
> >> }
> >>
> >> is probably prudent.
> >>
> >> Cheers,
> >>
> >> Robert
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: [EMAIL PROTECTED]
> >> For additional commands, e-mail: [EMAIL PROTECTED]
> >>
> >>
> >
> >
> > --
> > Atenciosamente,
> > Marcelo Lotif
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>


-- 
Atenciosamente,
Marcelo Lotif

Reply via email to