Em Wed, 20 Aug 2008 09:38:36 -0300, 9902468 <[EMAIL PROTECTED]>
escreveu:
One possibility yes, but that approach requires to keep a list of secured
pages to allow un-authorized users access non-secure pages.
(Pages could of course be annotated to be secure or use marker
interface.)
That's what tapestry5-acegi (and its sister project
tapestry5-spring-security) does:
@Secured({"ROLE_1", {ROLE_2})
public class YourPage {
...
}
There's a little difference: instead of using a RequestHandler or a
Dispatcher, they transform the page classes at runtime. ;)
And your approach occurs earlier in the request cycle... Thanks for the
pointer!
(Always nice to do things right and to learn :))
:)
Thiago
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
