Re: [ANN] A Tapestry5 Based Security Module

Wed, 12 Jan 2011 06:58:11 -0800 

This is cool, I'd like to try it.

On Wed, Jan 12, 2011 at 17:47, Taha Hafeez <tawus.tapes...@gmail.com> wrote:

> yes there is. I am working on a tutorial about this module
>
> taha
>
>
> On Wed, Jan 12, 2011 at 7:15 PM, Dmitry Gusev <dmitry.gu...@gmail.com
> >wrote:
>
> > Yes, I guess it might work. Do you already have AuthorityVoter support?
> >
> > On Wed, Jan 12, 2011 at 16:38, Taha Hafeez <tawus.tapes...@gmail.com>
> > wrote:
> >
> > > Will this work
> > >
> > > interface BuisnessObject {
> > >   public String getOwner();
> > > }
> > >
> > > class Foo implements BusinessObject {
> > > }
> > >
> > >
> > > class BusinessObjectVoter extends AuthorityVoter<BusinessVoter> {
> > >
> > >   public void vote(Subject, Object object, Vote vote){
> > >      if(object instanceof BuisnessObject){
> > >         BusinessObject bs = (BusinessObject)object;
> > >         if(bs.getOwner().equals(subject.getName()){
> > >            vote.allow();
> > >         }else {
> > >            vote.deny();
> > >         }
> > >      }
> > >   }
> > >
> > >   public boolean supports(Object object){
> > >      return object instanceof BusinessObject;
> > >   }
> > > }
> > >
> > > regards
> > > Taha
> > >
> > >
> > > On Wed, Jan 12, 2011 at 6:58 PM, Dmitry Gusev <dmitry.gu...@gmail.com
> > > >wrote:
> > >
> > > > No, it can't. Role model is not enough here. I don't want _any_
> manger
> > to
> > > > update _any_ foo instance.
> > > > I want that *only manager created the foo instance* could update it.
> > Can
> > > I
> > > > do that with your lib?
> > > >
> > > > On Wed, Jan 12, 2011 at 16:04, Taha Hafeez <tawus.tapes...@gmail.com
> >
> > > > wrote:
> > > >
> > > > > Can't that be achieved by securing service/dao methods
> > > >
> > > >
> > > > > @RequiresLogin
> > > > > public interface FooDAO {
> > > > >
> > > > > @RequiresRole("ADMIN")
> > > > > public void add(Foo foo);
> > > > >
> > > > > @RequiresRole("MANAGER")
> > > > > public void update(Foo foo);
> > > > > }
> > > > >
> > > > > regards
> > > > > Taha
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > On Wed, Jan 12, 2011 at 5:25 PM, Dmitry Gusev <
> > dmitry.gu...@gmail.com
> > > > > >wrote:
> > > > >
> > > > > > Hi
> > > > > >
> > > > > > Is it possible using your library to implement security
> assertions
> > > > based
> > > > > on
> > > > > > business rules?
> > > > > > For instance, only allow object owner or admins to edit this
> > object?
> > > > > >
> > > > > > On Wed, Jan 12, 2011 at 14:38, Taha Hafeez <
> > tawus.tapes...@gmail.com
> > > >
> > > > > > wrote:
> > > > > >
> > > > > > > Hi
> > > > > > >
> > > > > > > I have made a number of changes in the project to support
> > > @Requires*
> > > > > > > annotations. There is support for voting and adding new voters
> > and
> > > > > > > providers. Adding custom annotation is also very easy. There is
> > > also
> > > > > > > support
> > > > > > > for regular-expression based page-authorization if you don't
> like
> > > > > > > annotations or like to keep security in AppModule only
> > > > > > >
> > > > > > > It is an example of how easy tapestry5 is. Even implementing a
> > full
> > > > > > > authorization module is so easy!!!
> > > > > > >
> > > > > > > The link is
> > > > > > > http://code.google.com/p/tapestryauth
> > > > > > >
> > > > > > > <http://code.google.com/p/tapestryauth> regards
> > > > > > > Taha
> > > > > > >
> > > > > > >
> > > > > > > On Fri, Dec 31, 2010 at 12:01 AM, Taha Hafeez <
> > > > > tawus.tapes...@gmail.com
> > > > > > > >wrote:
> > > > > > >
> > > > > > > > Hi Werner
> > > > > > > >
> > > > > > > >
> > > > > > > > I think it can be... It can act as a tapestry-layer over any
> > > > > > > > security/authentication framework...
> > > > > > > >
> > > > > > > > Will try to add an example for such a use but overall I want
> > this
> > > > as
> > > > > a
> > > > > > > > standalone role-based access and permission-based access
> model
> > > for
> > > > > > > > tapestry which is apt for small projects and can be extended
> to
> > > > > larger
> > > > > > > > projects too..
> > > > > > > >
> > > > > > > > But any suggestions will be more than helpful and especially
> > > > > > corrections
> > > > > > > > and criticism,,,
> > > > > > > >
> > > > > > > > regards
> > > > > > > > Taha
> > > > > > > >
> > > > > > > >
> > > > > > > > On Thu, Dec 30, 2010 at 11:47 PM, Werner Keil <
> > > > werner.k...@gmail.com
> > > > > > > >wrote:
> > > > > > > >
> > > > > > > >> Hi,
> > > > > > > >>
> > > > > > > >> Is this related or may be used with SSO technologies like
> > > OpenID,
> > > > > SAML
> > > > > > > or
> > > > > > > >> OAuth?
> > > > > > > >>
> > > > > > > >> Werner
> > > > > > > >>
> > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > --
> > > > > > Dmitry Gusev
> > > > > >
> > > > > > AnjLab Team
> > > > > > http://anjlab.com
> > > > > >
> > > > >
> > > >
> > > >
> > > >
> > > > --
> > > > Dmitry Gusev
> > > >
> > > > AnjLab Team
> > > > http://anjlab.com
> > > >
> > >
> >
> >
> >
> > --
> > Dmitry Gusev
> >
> > AnjLab Team
> > http://anjlab.com
> >
>



-- 
Dmitry Gusev

AnjLab Team
http://anjlab.com

Reply via email to