Hi James,
Consider that a dispatcher/request filter enables you to remove security
concerns from your pages, this has several advantages, i.e.: separation of
concerns, extensibility, and pipelining, which can be extremely useful for
layered security, take for instance this use case:
- Authenticate
- Authorize
- Audit session start/end
- Audit Resource Access (Page/Component etc)
- Secure Some Pages
IMHO the easiest and cleanest way to do all this is with a pipeline of request
filters, I can't imagine trying to maintain all of it in my pages. Although you
could probably do something similar using multiple base pages and an
inheritance hierarchy.
I also use a base page, but prefer to use it to propagate logic that is common
to every page (keeping it completely generic).
Kind regards,
Peter
----- Original Message -----
From: "James Sherwood" <jsherw...@rgisolutions.com>
To: "Tapestry users" <users@tapestry.apache.org>
Sent: Monday, 19 January, 2009 20:02:07 GMT +02:00 Athens, Beirut, Bucharest,
Istanbul
Subject: Possible to override onActivate from an extended page?
Hello,
I have a login only application and for the most part you just need to be
logged in to use it except for a couple of pages.
To enforce this I made a class:
Class SecurePage{
Object onActivate(){
If(!visitExists){
Return index.class;
}
Return null;
}
I just then extend my pages with this one.(which will have other various
methods common to many pages)
My problem: Is there a way to override the onActivate (or a way around it)
in the page that extends SecurePage so I could perform additional security
checks?
Thanks,
--James
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
