Re: Tapestry 5.1.0.2 and tapestry-spring-security 2.0.1

[Paul Field]

FYI, the problem with the @Secured annotation is related to the 
performance improvements ( https://issues.apache.org/jira/browse/TAP5-417 
). The ComponentClassTransformWorker now needs to explicitly specify which 
render phases it requires. tapestry-acegi and tapestry-spring-security 
don't do this yet.

Here's a quick'n'dirty work-around for tapestry-acegi that makes the 
@Secured annotation work. Just add this to one of your Modules:

    // Fix while tapestry-acegi is not compatible with T5.1
    public static void contributeComponentClassTransformWorker(
            OrderedConfiguration<ComponentClassTransformWorker> 
configuration, SecurityChecker securityChecker) {
        final AcegiWorker acegiWorker = new AcegiWorker(securityChecker);
        configuration.override("Acegi", new 
ComponentClassTransformWorker() {
            public void transform(ClassTransformation transformation, 
MutableComponentModel model) {
                Secured annotation = transformation.getAnnotation(Secured.
class);
                if (annotation != null) {
                    model.addRenderPhase(BeginRender.class);
                    model.addRenderPhase(CleanupRender.class);
                }
                acegiWorker.transform(transformation, model);
            }
        });
    }


I'm not using Spring Security (yet) but by looking in the 
tapestry-spring-security SVN repository and modifying the code about, I 
suspect this might do the trick:

    // Fix while tapestry-spring-security is not compatible with T5.1
    public static void contributeComponentClassTransformWorker(
            OrderedConfiguration<ComponentClassTransformWorker> 
configuration, SecurityChecker securityChecker) {
        final SpringSecurityWorker securityWorker = new 
SpringSecurityWorker(securityChecker);
        configuration.override("SpringSecurity", new 
ComponentClassTransformWorker() {
            public void transform(ClassTransformation transformation, 
MutableComponentModel model) {
                Secured annotation = transformation.getAnnotation(Secured.
class);
                if (annotation != null) {
                    model.addRenderPhase(BeginRender.class);
                    model.addRenderPhase(CleanupRender.class);
                }
                securityWorker.transform(transformation, model);
            }
        });
    }


Paul

------------------
Paul Field
Research IT
Deutsche Bank




manuel aldana <ald...@gmx.de> 
06/04/2009 17:26
Please respond to
"Tapestry users" <users@tapestry.apache.org>


To
Tapestry users <users@tapestry.apache.org>
cc

Subject
Re: Tapestry 5.1.0.2 and tapestry-spring-security 2.0.1






Thiago H. de Paula Figueiredo schrieb[
>> [...] session rather than Tapestry's Session.
>> 
>
> I'm having this issue too. Besides this, the @Secured annotation does 
not work.
I asked the creator about this. He said spring-security is not 
compatible with 5.1. So I guess we need to wait or help :)

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org





---

This e-mail may contain confidential and/or privileged information. If you are 
not the intended recipient (or have received this e-mail in error) please 
notify the sender immediately and delete this e-mail. Any unauthorized copying, 
disclosure or distribution of the material in this e-mail is strictly forbidden.

Please refer to http://www.db.com/en/content/eu_disclosures.htm for additional 
EU corporate and regulatory disclosures.