I also think Taha has the right answer.
I don't think just adding ResteasyRequestFilter after StoreIntoGlobals
is going to solve the issue.
If both SecurityConfiguration and ResteasyRequestFilter are configured
as "after:StoreIntoGlobals" how does Tapestry knows which one should
be first.
I think you really need to explicitly tell the IoC to configure
SecurityConfiguration before the ResteasyRequestFilter. Am I wrong?
BTW, please Boris don't use sessions with rest services. Kalle was
right on spot:
> configure basic authentication, disable sessions and send the credentials
> with every client request.
Cheers.
Alejandro.
On Wed, Jul 18, 2012 at 3:25 AM, Kalle Korhonen
<kalle.o.korho...@gmail.com> wrote:
> Taha's got the winning answer, thanks! The default order constraints
> for the contributions make some sense but perhaps we could address
> this in the resteasy module and contribute it after
> StoreIntoGlobals... I think there may have been some discussion around
> this before, I need to check the archives (or wait for Alejandro to
> chime in any minute now).
>
> Kalle
>
>
> On Tue, Jul 17, 2012 at 6:00 PM, Taha Siddiqi <tawus.tapes...@gmail.com>
> wrote:
>> Hi
>>
>> For security I changed the order of the SecurityConfiguration in the
>> Application Module
>>
>> public static void contributeHttpServletRequestHandler(
>> @InjectService("SecurityConfiguration") HttpServletRequestFilter
>> securityConfiguration,
>> OrderedConfiguration<HttpServletRequestFilter> filters) {
>> filters.override("SecurityConfiguration", securityConfiguration,
>> "before:ResteasyRequestFilter,after:StoreIntoGlobals");
>> }
>>
>> regards
>> Taha
>>
>> On Jul 18, 2012, at 5:28 AM, bhorvat wrote:
>>
>>> I tried security part of the code again and I got this exception
>>>
>>> org.apache.shiro.UnavailableSecurityManagerException: No SecurityManager
>>> accessible to the calling code, either bound to the
>>> org.apache.shiro.util.ThreadContext or as a vm static singleton. This is an
>>> invalid application configuration.
>>>
>>> and if I run the normal website first (just load any page) I get this
>>> exception
>>>
>>> org.jboss.resteasy.spi.UnhandledException:
>>> java.lang.IllegalArgumentException: SessionContext must be an HTTP
>>> compatible implementation.
>>>
>>> and after that I run it again, and it worked fine. The next time, exception
>>> again. Anyone has any idea what is the problem, or how should be best to
>>> solve this?
>>>
>>> cheers
>>>
>>> --
>>> View this message in context:
>>> http://tapestry.1045711.n5.nabble.com/Tapestry-Tynamo-Rest-and-security-integration-questions-tp5714525p5714530.html
>>> Sent from the Tapestry - User mailing list archive at Nabble.com.
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
>>> For additional commands, e-mail: users-h...@tapestry.apache.org
>>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
>> For additional commands, e-mail: users-h...@tapestry.apache.org
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
> For additional commands, e-mail: users-h...@tapestry.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
