FYI, the problem with the @Secured annotation is related to the
performance improvements ( https://issues.apache.org/jira/browse/TAP5-417
). The ComponentClassTransformWorker now needs to explicitly specify which
render phases it requires. tapestry-acegi and tapestry-spring-security
don't do this yet.
Here's a quick'n'dirty work-around for tapestry-acegi that makes the
@Secured annotation work. Just add this to one of your Modules:
// Fix while tapestry-acegi is not compatible with T5.1
public static void contributeComponentClassTransformWorker(
OrderedConfiguration<ComponentClassTransformWorker>
configuration, SecurityChecker securityChecker) {
final AcegiWorker acegiWorker = new AcegiWorker(securityChecker);
configuration.override("Acegi", new
ComponentClassTransformWorker() {
public void transform(ClassTransformation transformation,
MutableComponentModel model) {
Secured annotation = transformation.getAnnotation(Secured.
class);
if (annotation != null) {
model.addRenderPhase(BeginRender.class);
model.addRenderPhase(CleanupRender.class);
}
acegiWorker.transform(transformation, model);
}
});
}
I'm not using Spring Security (yet) but by looking in the
tapestry-spring-security SVN repository and modifying the code about, I
suspect this might do the trick:
// Fix while tapestry-spring-security is not compatible with T5.1
public static void contributeComponentClassTransformWorker(
OrderedConfiguration<ComponentClassTransformWorker>
configuration, SecurityChecker securityChecker) {
final SpringSecurityWorker securityWorker = new
SpringSecurityWorker(securityChecker);
configuration.override("SpringSecurity", new
ComponentClassTransformWorker() {
public void transform(ClassTransformation transformation,
MutableComponentModel model) {
Secured annotation = transformation.getAnnotation(Secured.
class);
if (annotation != null) {
model.addRenderPhase(BeginRender.class);
model.addRenderPhase(CleanupRender.class);
}
securityWorker.transform(transformation, model);
}
});
}
Paul
------------------
Paul Field
Research IT
Deutsche Bank
manuel aldana <[email protected]>
06/04/2009 17:26
Please respond to
"Tapestry users" <[email protected]>
To
Tapestry users <[email protected]>
cc
Subject
Re: Tapestry 5.1.0.2 and tapestry-spring-security 2.0.1
Thiago H. de Paula Figueiredo schrieb[
>> [...] session rather than Tapestry's Session.
>>
>
> I'm having this issue too. Besides this, the @Secured annotation does
not work.
I asked the creator about this. He said spring-security is not
compatible with 5.1. So I guess we need to wait or help :)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---
This e-mail may contain confidential and/or privileged information. If you are
not the intended recipient (or have received this e-mail in error) please
notify the sender immediately and delete this e-mail. Any unauthorized copying,
disclosure or distribution of the material in this e-mail is strictly forbidden.
Please refer to http://www.db.com/en/content/eu_disclosures.htm for additional
EU corporate and regulatory disclosures.
