Hi, thank you both for the answers! I know the problem of passing user&pass via url, but for the time being I can't change it. All pages ( except Login ) are protected by @RequiresAuthentication annotation of tapestry-security framework thus they are locked if you are not logged. Login page appear because I have defined the following security symbols in the Module:
* configuration.add(SecuritySymbols.LOGIN_URL, "/login"); configuration.add(SecuritySymbols.DEFAULTSIGNINPAGE, "/login"); configuration.add(SecuritySymbols.SUCCESS_URL, "/Index"); configuration.add(SecuritySymbols.UNAUTHORIZED_URL, "/Unauthorized");* My doubt was the onActivate() method behavior. Why was the page loaded and wasn't onActivate launched? Do you think the way that the page was invoked ( implicitly) causes the behavior?. I will try nillehammer's suggestion, and I'll have a look at jumpstart as well. Thank you again! David ------------------------------------------------------------------ David Germán Canteros 2011/7/29 Thiago H. de Paula Figueiredo <thiag...@gmail.com> > On Fri, 29 Jul 2011 19:58:40 -0300, David Canteros < > davidcanteros....@gmail.com> wrote: > > I have to implement an automatic login on my tap application. I use tap >> 5.2.6 and tapestry-security 0.3.1. >> Initially I had a Login page with a login form, but now I have to pass >> the username and password to the login page via url, like this: >> *http://localhost:8080/**MyAppName/login?usr=userName&** >> pass=encryptedPass*<http://localhost:8080/MyAppName/login?usr=userName&pass=encryptedPass*> >> > > I'd never, ever, ever do that. It can open your application to replay > attacks. > > > The problem is: If I write > "http://localhost:8080/**MyAppName/<http://localhost:8080/MyAppName/>" >> in my browser and hit enter, then the login page appear, but it doesn't >> execute >> onActivate() method! So I can't redirect to the external page. But if I >> write " >> http://localhost:8080/**MyAppName/login<http://localhost:8080/MyAppName/login>" >> the method is executed. Anybody know why?? >> > > MyAppName is the context, so > http://localhost:8080/**MyAppName/<http://localhost:8080/MyAppName/>is > requesting the Index page of your application. Your login page has URL > /login, so what you're seeing is absolutely correct, expected behavior. > > > I thought that onActivate is always executed when a page is called. >> > > It's only executed in the page that was requested. If you want to implement > something that is executed in every page, search for ComponentRequestFilter > in the mailing list or look here: http://jumpstart.** > doublenegative.com.au/**jumpstart/examples/** > infrastructure/protectingpages<http://jumpstart.doublenegative.com.au/jumpstart/examples/infrastructure/protectingpages> > > -- > Thiago H. de Paula Figueiredo > Independent Java, Apache Tapestry 5 and Hibernate consultant, developer, > and instructor > Owner, Ars Machina Tecnologia da Informação Ltda. > http://www.arsmachina.com.br > > > ------------------------------**------------------------------**--------- > To unsubscribe, e-mail: > users-unsubscribe@tapestry.**apache.org<users-unsubscr...@tapestry.apache.org> > For additional commands, e-mail: users-h...@tapestry.apache.org > >