On Wed, Jul 18, 2012 at 6:42 AM, Alejandro Scandroli
<alejandroscandr...@gmail.com> wrote:
> I don't think just adding ResteasyRequestFilter after StoreIntoGlobals
> is going to solve the issue.
> If both SecurityConfiguration and ResteasyRequestFilter are configured
> as "after:StoreIntoGlobals" how does Tapestry knows which one should
> be first.
> I think you really need to explicitly tell the IoC to configure
> SecurityConfiguration before the ResteasyRequestFilter. Am I wrong?
We could have two "after" constraints, couldn't we?
Or, we could just change the securityModule to do:
configuration.add("SecurityConfiguration", securityConfiguration,
"before:ResteasyRequestFilter,after:StoreIntoGlobals");
Or, perhaps we won't do anything, it's easy enough to override.
> BTW, please Boris don't use sessions with rest services. Kalle was
> right on spot:
>> configure basic authentication, disable sessions and send the credentials
>> with every client request.
I'm not that much of a purist ;) If the user logs in through a normal
login form and only uses the rest services while he's authenticated,
I'd just use the same session to validate the user.
Kalle
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
