Le 17/05/2010 18:40, Thiago H. de Paula Figueiredo a écrit :
On Mon, 17 May 2010 11:12:48 -0300, Nicolas Bouillon
<nico...@bouil.org> wrote:
Hi,
Hi!
I'm using Tapestry 5.1 with Tapestry Spring Security 2.1.0 and I've
noticied a strange behaviour :
But even if the user is not logged in, the onActivate is called.
As far as I can remember, TSS checks the @Secured in page classes
annotation by decorating the @SetupRender render event, which is
triggered after the activate event. That's exactly why I left TSS and
started working on a security package of my own.
Yes, it is what I have seen on source code.
I'm afraid it is also a no-go for using TSS with this kind of security
hole. What a deception because it is easiest than a spring security XML
file.
Nicolas.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
