so we can do something like this:
configuration.add(factory.createChain("/admin/**").add(factory.authc()).build());
the entire admin package should be protected, right?
I like that reverse annotation approach, or probably something like https in
tapestry5, once set, everything should be https unless specified
otherwise(https has no exception I believe)
I see a lot of improvements I can make to my existing application with
tynamo security, I do not like too much dependencies in the app, however
this tynamo dependency should have been something I have depended on long
time ago, anyway, thanks for the nice package.
Kalle Korhonen-2 wrote
>
>
> It could, but currently it doesn't. You can achieve roughly the same
> effect with url-based filtering, i.e:
> configuration.add(factory.createChain("/**").add(factory.authc()).build());
>
> I've long thought about creating "reverse" annotations but so far
> haven't implemented them. So instead of @RequiresXXX, you could put
> the application in a "very secure" mode, then poke holes in the page
> security with @AllowsAnonymous etc. annotations, similar to how
> firewalls are typically configured. I just hate the possibility of
> accidentally leaving some doors open.
>
> Kalle
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@.apache
> For additional commands, e-mail: users-help@.apache
>
--
View this message in context:
http://tapestry.1045711.n5.nabble.com/tapestry-security-tp5109017p5109158.html
Sent from the Tapestry - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
