ok, looks like i made it wrong In a previous thread, you said that this component requires "zero configuration", so i just put a dependency on my pom.xml, but it's still just like before (i.e i still can access, let's say, a 'file.xyz' inside my app).
am i missing something? 2007/11/28, Robert Zeigler <[EMAIL PROTECTED]>: > > The dispatcher, itself, blocks nothing. > It delegates to the authorizers. The last authorizer in the chain is a > whitelist, which whitelists > each of the (known) tapestry assets. I would be curious to know what > resources you were able to access. > > Robert > > On Nov 28, 2007, at 11/289:31 AM , Marcelo Lotif wrote: > > > Hi Robert, > > I try this component here, but many things are still available. What > > specifically this dispatcher blocks by default? > > > > 2007/11/27, Robert Zeigler <[EMAIL PROTECTED]>: > >> > >> Hi All, > >> > >> I've updated AssetProtectionDispatcher both in Tassel ( > >> http://www.tapestrycomponents.org > >> ) and in the maven repo mentioned in the AssetProtectionDispatcher > >> "notes" on Tassel. Current version is now 0.0.3. > >> The new version includes updated default entries to the > >> WhitelistAuthorizer to handle some tapestry assets that weren't > >> properly handled before. It also includes a new RegexAuthorizer that > >> takes an ordered list of regular expressions (as strings; yes, the > >> service will pre-compile them to patterns) to match against. If a > >> resource matches a provided regex, access to the asset is allowed. > >> Otherwise, authorization falls through to the whitelist authorizer. > >> The default configuration contains NO contributions to the regex > >> authorizer at the moment. For most projects, a contribution along > >> the > >> lines of: > >> > >> contributeRegexAuthorizer(Configuration<String> conf) { > >> conf.add("^.*\\.png$"); > >> conf.add("^.*\\.jpg$"); > >> conf.add("^.*\\.jpeg$"); > >> conf.add("^.*\\.js$"); > >> conf.add("^.*\\.css$"); > >> } > >> > >> is probably prudent. > >> > >> Cheers, > >> > >> Robert > >> > >> --------------------------------------------------------------------- > >> To unsubscribe, e-mail: [EMAIL PROTECTED] > >> For additional commands, e-mail: [EMAIL PROTECTED] > >> > >> > > > > > > -- > > Atenciosamente, > > Marcelo Lotif > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- Atenciosamente, Marcelo Lotif
