Hi,

where is the registration of AuthenticatorImp implements
AuthenticatorInterface? I can not see it in your binder.bind

Your constructor looks weird:
public void PageAccessFilter in class RequiresLoginFilter ???

You should pass the interface there, not the impl.


Kind regards
David

Am 07.08.2013 16:12, schrieb Willy Browne:
> thanks for the help. I removed my Interface and now i get a 
> NullPointerException
>       * RequiresLoginFilter.dispatchedToLoginPage(RequiresLoginFilter.java:66)
>       * 
> services.RequiresLoginFilter.handlePageRender(RequiresLoginFilter.java:57)
>       * 
> org.apache.tapestry5.services.InitializeActivePageName.handlePageRender(InitializeActivePageName.java:47)
>       * 
> org.apache.tapestry5.internal.services.RootPathDispatcher.dispatch(RootPathDispatcher.java:66)
>       * 
> org.apache.tapestry5.services.TapestryModule$RequestHandlerTerminator.service(TapestryModule.java:302)
>       * .services.PmsModule$1.service(PmsModule.java:115)
>       * 
> org.apache.tapestry5.internal.services.RequestErrorFilter.service(RequestErrorFilter.java:26)
>       * 
> org.apache.tapestry5.services.TapestryModule$3.service(TapestryModule.java:902)
>       * 
> org.apache.tapestry5.services.TapestryModule$2.service(TapestryModule.java:892)
>       * 
> org.apache.tapestry5.internal.services.StaticFilesFilter.service(StaticFilesFilter.java:90)
>       * 
> org.apache.tapestry5.internal.services.CheckForUpdatesFilter$2.invoke(CheckForUpdatesFilter.java:105)
>       * 
> org.apache.tapestry5.internal.services.CheckForUpdatesFilter$2.invoke(CheckForUpdatesFilter.java:95)
>       * 
> org.apache.tapestry5.ioc.internal.util.ConcurrentBarrier.withRead(ConcurrentBarrier.java:85)
>       * 
> org.apache.tapestry5.internal.services.CheckForUpdatesFilter.service(CheckForUpdatesFilter.java:119)
>       * 
> org.apache.tapestry5.services.TapestryModule$HttpServletRequestHandlerTerminator.service(TapestryModule.java:253)
>       * 
> org.apache.tapestry5.internal.gzip.GZipFilter.service(GZipFilter.java:53)
>       * 
> org.apache.tapestry5.internal.services.IgnoredPathsFilter.service(IgnoredPathsFilter.java:62)
>       * 
> org.apache.tapestry5.services.TapestryModule$1.service(TapestryModule.java:852)
>       * org.apache.tapestry5.TapestryFilter.doFilter(TapestryFilter.java:171)
>
> public class RequiresLoginFilter implements ComponentRequestFilter {
> private PageRenderLinkSource renderLinkSource;
>
> private ComponentSource componentSource;
> private Response response;
>
> private AuthenticatorImp authService;
>
> public void PageAccessFilter(PageRenderLinkSource renderLinkSource,
> ComponentSource componentSource, Response response,
> AuthenticatorImp authService) {
>
> this.renderLinkSource = renderLinkSource;
> this.componentSource = componentSource;
> this.response = response;
> this.authService = authService;
>
> }
>
> public void handleComponentEvent(
> ComponentEventRequestParameters parameters,
> ComponentRequestHandler handler) throws IOException {
>
> if (dispatchedToLoginPage(parameters.getActivePageName())) {
> return;
> }
>
> handler.handleComponentEvent(parameters);
>
> }
>
> public void handlePageRender(PageRenderRequestParameters parameters,
> ComponentRequestHandler handler) throws IOException {
> if (dispatchedToLoginPage(parameters.getLogicalPageName())) {
> return;
> }
>
> handler.handlePageRender(parameters);
> }
>
> private boolean dispatchedToLoginPage(String pageName) throws IOException {
> if (authService.isLoggedIn()) {  // line 66
> return false;
> }
>
> Component page = componentSource.getPage(pageName);
>
> if (!page.getClass().isAnnotationPresent(RequiresLogin.class)) {
> return false;
> }
>
> Link link = renderLinkSource.createPageRenderLink("Login");
>
> response.sendRedirect(link);
>
> return true;
> }
> }
>
>
> public class RequiresLoginFilter implements ComponentRequestFilter {
> private PageRenderLinkSource renderLinkSource;
>
> private ComponentSource componentSource;
> private Response response;
>
> private AuthenticatorImp authService;
>
> public void PageAccessFilter(PageRenderLinkSource renderLinkSource,
> ComponentSource componentSource, Response response,
> AuthenticatorImp authService) {
>
> this.renderLinkSource = renderLinkSource;
> this.componentSource = componentSource;
> this.response = response;
> this.authService = authService;
>
> }
>
> public void handleComponentEvent(
> ComponentEventRequestParameters parameters,
> ComponentRequestHandler handler) throws IOException {
>
> if (dispatchedToLoginPage(parameters.getActivePageName())) {
> return;
> }
>
> handler.handleComponentEvent(parameters);
>
> }
>
> public void handlePageRender(PageRenderRequestParameters parameters,
> ComponentRequestHandler handler) throws IOException {
> if (dispatchedToLoginPage(parameters.getLogicalPageName())) {
> return;
> }
>
> handler.handlePageRender(parameters);
> }
>
> private boolean dispatchedToLoginPage(String pageName) throws IOException {  
> // line 57
> if (authService.isLoggedIn()) {
> return false;
> }
>
> Component page = componentSource.getPage(pageName);
>
> if (!page.getClass().isAnnotationPresent(RequiresLogin.class)) {
> return false;
> }
>
> Link link = renderLinkSource.createPageRenderLink("Login");
>
> response.sendRedirect(link);
>
> return true;
> }
> }
>
>
>
> public class AuthenticatorImp implements AuthenticatorInterface{
>
> public static final String AUTH_TOKEN = "authToken";
> /**
>  * 
>  */
> public AuthenticatorImp() {
> super();
> // TODO Auto-generated constructor stub
> }
>
> /**
>  * @param request
>  */
> public AuthenticatorImp(Request request) {
> super();
> this.request = request;
> }
>
>
>
>
> @Inject
> private Request request;
> public Mitarbeiter getLoggedUser() {
>  
> Mitarbeiter user = null;
>
>         if (isLoggedIn())
>             user = (Mitarbeiter) 
> request.getSession(true).getAttribute(AUTH_TOKEN);
>         
>         else
>             throw new IllegalStateException("The user is not logged ! ");
>         
>         return user;
> }
>
> public boolean isLoggedIn() {
> org.apache.tapestry5.services.Session session =  request.getSession(true);
>         if (session != null) { return session.getAttribute(AUTH_TOKEN) != 
> null; }
>         return false;
>
> }
>
> @SuppressWarnings("unchecked")
> public void login(String nickName, String password, org.hibernate.Session 
> session)
> throws NoSuchAlgorithmException, UnsupportedEncodingException {
> MitarbeiterDaoImpl mitarbeiterDao = new MitarbeiterDaoImpl( 
> Mitarbeiter.class, session);
> Mitarbeiter authUser = mitarbeiterDao.authenticate(nickName, 
> Encrypt.MD5(password));
>
> try{
> request.getSession(true).setAttribute(AUTH_TOKEN, authUser);
>     }
>     catch(NullPointerException e){
>     System.out.println("Beim Einlogen ist ein fehler aufgetreten");
>     }
>     
>     
> }
>
> public void logout() {
> org.apache.tapestry5.services.Session session = request.getSession(false);
>         if (session != null)
>         {
>             session.setAttribute(AUTH_TOKEN, null);
>             session.invalidate();
>         }
> }
>
>
> }
>
> ________________________________
>  De : Taha Hafeez Siddiqi <tawus.tapes...@gmail.com>
> À : Tapestry users <users@tapestry.apache.org> 
> Envoyé le : Mardi 6 août 2013 14h41
> Objet : Re: Securing page with Tapestry
>  
>
> Are you defining your own ComponentRequestFilter interface? As you have 
> included the code for that I am assuming you have.
>
> You have to implement Tapestry's ComponentRequestFilter, not your own as you 
> can't contribute to the RequestHandler any other implementation.
>
> regards
> Taha
>
> On 06-Aug-2013, at 5:53 PM, Will N. <llcool_wil...@yahoo.fr> wrote:
>
>> Am 06.08.2013 14:13, schrieb Thiago H de Paula Figueiredo:
>>> I'm sorry, I should have asked for your ComponentRequestFilter 
>>> implementation source too. ;)
>>>
>>> On Tue, 06 Aug 2013 08:31:15 -0300, Will N. <llcool_wil...@yahoo.fr> wrote:
>>>
>>>> Am 06.08.2013 13:25, schrieb Thiago H de Paula Figueiredo:
>>>>> On Tue, 06 Aug 2013 05:10:37 -0300, Will N. <llcool_wil...@yahoo.fr> 
>>>>> wrote:
>>>>>
>>>>>> Hi,
>>>>> Hi!
>>>>>
>>>>>> I am trying secure some pages of my application as shown in this 
>>>>>> tutorial. http://tapestryjava.blogspot.co.uk/search/label/security
>>>>>> But I am having following error message when I start the application.
>>>>>> Since the RequiresLoginFilte class implements the ComponentRequestFilter 
>>>>>> interface, I am confused about the coertion error!
>>>>> The error is weird. Could you post your 
>>>>> PmsModule.contributeComponentRequestHandler() method
>>>> /**
>>>>   * This module is automatically included as part of the Tapestry IoC 
>>>> Registry,
>>>>   * it's a good place to configure and extend Tapestry, or to place your 
>>>> own
>>>>   * service definitions. spring
>>>>   */
>>>> public class PmsModule {
>>>> //    public static void bind(ServiceBinder binder) {
>>>> //        // binder.bind(MyServiceInterface.class, MyServiceImpl.class);
>>>> //
>>>> //        // Make bind() calls on the binder object to define most IoC 
>>>> services.
>>>> //        // Use service builder methods (example below) when the 
>>>> implementation
>>>> //        // is provided inline, or requires more initialization than 
>>>> simply
>>>> //        // invoking the constructor.
>>>> //        binder.bind(ArbeitspaketDao.class, ArbeitspaketDaoImpl.class);
>>>> //        binder.bind(AufgabeDao.class, AufgabeDaoImpl.class);
>>>> //        binder.bind(BasicDao.class, BasicDaoImpl.class);
>>>> //        binder.bind(FunktionDao.class, FunktionDaoImpl.class);
>>>> ////        binder.bind(GrantedAuthorityBeanDao.class,
>>>> ////                GrantedAuthorityBeanDaoImpl.class);
>>>> //        binder.bind(MitarbeiterDao.class, MitarbeiterDaoImpl.class);
>>>> //        binder.bind(MitarbeiterProjektDao.class,
>>>> //                MitarbeiterProjektDaoImpl.class);
>>>> //        binder.bind(ModulDao.class, ModulDaoImpl.class);
>>>> //        binder.bind(PersonMonatDao.class, PersonMonatDaoImpl.class);
>>>> //        binder.bind(UserDataDao.class, UserDataDaoImpl.class);
>>>> //        binder.bind(ProjektDao.class, ProjektDaoImpl.class);
>>>> //        binder.bind(UnteraufgabeDao.class, UnteraufgabeDaoImpl.class);
>>>> //        binder.bind(UnterunteraufgabeDao.class, 
>>>> UnterunteraufgabeDaoImpl.class);
>>>> //
>>>> //    }
>>>>
>>>>      public static void contributeFactoryDefaults(
>>>>              MappedConfiguration<String, Object> configuration) {
>>>>          // The application version number is incorprated into URLs for 
>>>> some
>>>>          // assets. Web browsers will cache assets because of the far 
>>>> future
>>>>          // expires
>>>>          // header. If existing assets are changed, the version number 
>>>> should
>>>>          // also
>>>>          // change, to force the browser to download new versions. This 
>>>> overrides
>>>>          // Tapesty's default
>>>>          // (a random hexadecimal number), but may be further overriden by
>>>>          // DevelopmentModule or
>>>>          // QaModule.
>>>> configuration.override(SymbolConstants.APPLICATION_VERSION,
>>>>                  "1.0-SNAPSHOT");
>>>>      }
>>>>
>>>>      public static void contributeApplicationDefaults(
>>>>              MappedConfiguration<String, Object> configuration) {
>>>>          // Contributions to ApplicationDefaults will override any 
>>>> contributions
>>>>          // to
>>>>          // FactoryDefaults (with the same key). Here we're restricting the
>>>>          // supported
>>>>          // locales to just "en" (English). As you add localised message 
>>>> catalogs
>>>>          // and other assets,
>>>>          // you can extend this list of locales (it's a comma separated 
>>>> series of
>>>>          // locale names;
>>>>          // the first locale name is the default when there's no reasonable
>>>>          // match).
>>>>          // configuration.add(SymbolConstants.SUPPORTED_LOCALES, "en");
>>>>          configuration.add(SymbolConstants.SUPPORTED_LOCALES, "de");
>>>>          configuration.add(SymbolConstants.COMPRESS_WHITESPACE, "true");
>>>>
>>>>      }
>>>>
>>>>      /**
>>>>       * This is a service definition, the service will be named 
>>>> "TimingFilter".
>>>>       * The interface, RequestFilter, is used within the RequestHandler 
>>>> service
>>>>       * pipeline, which is built from the RequestHandler service 
>>>> configuration.
>>>>       * Tapestry IoC is responsible for passing in an appropriate Logger
>>>>       * instance. Requests for static resources are handled at a higher 
>>>> level, so
>>>>       * this filter will only be invoked for Tapestry related requests.
>>>>       * <p/>
>>>>       * <p/>
>>>>       * Service builder methods are useful when the implementation is 
>>>> inline as
>>>>       * an inner class (as here) or require some other kind of special
>>>>       * initialization. In most cases, use the static bind() method 
>>>> instead.
>>>>       * <p/>
>>>>       * <p/>
>>>>       * If this method was named "build", then the service id would be 
>>>> taken from
>>>>       * the service interface and would be "RequestFilter". Since Tapestry
>>>>       * already defines a service named "RequestFilter" we use an explicit
>>>>       * service id that we can reference inside the contribution method.
>>>>       */
>>>>      public RequestFilter buildTimingFilter(final Logger log) {
>>>>          return new RequestFilter() {
>>>>              public boolean service(Request request, Response response,
>>>>                      RequestHandler handler) throws IOException {
>>>>                  long startTime = System.currentTimeMillis();
>>>>
>>>>                  try {
>>>>                      // The responsibility of a filter is to invoke the
>>>>                      // corresponding method
>>>>                      // in the handler. When you chain multiple filters 
>>>> together,
>>>>                      // each filter
>>>>                      // received a handler that is a bridge to the next 
>>>> filter.
>>>>
>>>>                      return handler.service(request, response);
>>>>                  } finally {
>>>>                      long elapsed = System.currentTimeMillis() - startTime;
>>>>
>>>>                      log.info(String.format("Request time: %d ms", 
>>>> elapsed));
>>>>                  }
>>>>              }
>>>>          };
>>>>      }
>>>>
>>>>      /**
>>>>       * This is a contribution to the RequestHandler service 
>>>> configuration. This
>>>>       * is how we extend Tapestry using the timing filter. A common use 
>>>> for this
>>>>       * kind of filter is transaction management or security. The @Local
>>>>       * annotation selects the desired service by type, but only from the 
>>>> same
>>>>       * module. Without @Local, there would be an error due to the other
>>>>       * service(s) that implement RequestFilter (defined in other modules).
>>>>       */
>>>>      public void 
>>>> contributeRequestHandler(OrderedConfiguration<RequestFilter> 
>>>> configuration, @Local RequestFilter filter) {
>>>>          // Each contribution to an ordered configuration has a name, When
>>>>          // necessary, you may
>>>>          // set constraints to precisely control the invocation order of 
>>>> the
>>>>          // contributed filter
>>>>          // within the pipeline.
>>>>
>>>>          configuration.add("Timing", filter);
>>>>      }
>>>>
>>>>
>>>>      @SuppressWarnings("unchecked")
>>>>      public static void 
>>>> contributeComponentRequestHandler(OrderedConfiguration configuration) {
>>>>              configuration.addInstance("RequiresLogin", 
>>>> RequiresLoginFilter.class);
>>>>
>>>>      }
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> }
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
>>>> For additional commands, e-mail: users-h...@tapestry.apache.org
>>>>
>>>
>>
>>
>> import java.io.IOException;
>>
>> import org.apache.tapestry5.services.ComponentEventRequestParameters;
>> import org.apache.tapestry5.services.ComponentRequestHandler;
>> import org.apache.tapestry5.services.PageRenderRequestParameters;
>>
>>
>> /**
>> * Filter interface for {@link 
>> org.apache.tapestry5.services.ComponentRequestHandler}.
>> */
>> /**
>> * Our implementation of this filter will check the page referenced in the 
>> request to see if it has the annotation.
>> * If the annotation is present and the user has not yet logged in, we'll 
>> redirect to the Login page.
>> * When a redirect is not necessary, we delegate to the next handler in the 
>> pipeline2:
>> */
>> public interface ComponentRequestFilter
>> {
>>     /**
>>      * Handler for a component action request which will trigger an event on 
>> a component and use the return value to
>>      * send a response to the client (typically, a redirect to a page render 
>> URL).
>>      *
>>      * @param parameters defining the request
>>      * @param handler    next handler in the pipeline
>>      */
>>     void handleComponentEvent(ComponentEventRequestParameters parameters, 
>> ComponentRequestHandler handler)
>>             throws IOException;
>>
>>     /**
>>      * Invoked to activate and render a page. In certain cases, based on 
>> values returned when activating the page, a
>>      * {@link org.apache.tapestry5.services.ComponentEventResultProcessor} 
>> may be used to send an alternate response
>>      * (typically, a redirect).
>>      *
>>      * @param parameters defines the page name and activation context
>>      * @param handler    next handler in the pipeline
>>      */
>>     void handlePageRender(PageRenderRequestParameters parameters, 
>> ComponentRequestHandler handler) throws IOException;
>> }
>>
>>
>>
>>
>>
>>
>> import java.io.IOException;
>>
>> import org.apache.tapestry5.Link;
>> import org.apache.tapestry5.runtime.Component;
>> import org.apache.tapestry5.services.ComponentEventRequestParameters;
>> import org.apache.tapestry5.services.ComponentRequestHandler;
>> import org.apache.tapestry5.services.ComponentSource;
>> import org.apache.tapestry5.services.PageRenderLinkSource;
>> import org.apache.tapestry5.services.PageRenderRequestParameters;
>> import org.apache.tapestry5.services.Response;
>>
>>
>> import com.example.pms.annotations.*;
>>
>>
>> public class RequiresLoginFilter implements ComponentRequestFilter {
>>
>>   private PageRenderLinkSource renderLinkSource;
>>
>>   private ComponentSource componentSource;
>>
>>   private Response response;
>>
>> //  private final AuthenticationService authService;
>>   private AuthenticatorImp authService;
>>
>>
>>   public void PageAccessFilter(PageRenderLinkSource renderLinkSource, 
>> ComponentSource componentSource,
>>                                   Response response, AuthenticatorImp 
>> authService) {
>>
>>     this.renderLinkSource = renderLinkSource;
>>     this.componentSource = componentSource;
>>     this.response = response;
>>     this.authService = authService;
>>
>>   }
>>
>>   public void handleComponentEvent(
>>       ComponentEventRequestParameters parameters,
>>       ComponentRequestHandler handler) throws IOException {
>>
>>     if (dispatchedToLoginPage(parameters.getActivePageName())) {
>>       return;
>>     }
>>
>>     handler.handleComponentEvent(parameters);
>>
>>   }
>>
>>   public void handlePageRender(PageRenderRequestParameters parameters,
>>       ComponentRequestHandler handler) throws IOException {
>>
>>     if (dispatchedToLoginPage(parameters.getLogicalPageName())) {
>>       return;
>>     }
>>
>>     handler.handlePageRender(parameters);
>>   }
>>
>>   private boolean dispatchedToLoginPage(String pageName) throws IOException {
>>
>>     if (authService.isLoggedIn()) {
>>       return false;
>>     }
>>
>>     Component page = componentSource.getPage(pageName);
>>
>>     if (! page.getClass().isAnnotationPresent(RequiresLogin.class)) {
>>       return false;
>>     }
>>
>>     Link link = renderLinkSource.createPageRenderLink("Index");
>>
>>     response.sendRedirect(link);
>>
>>     return true;
>>   }
>> }
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
>> For additional commands, e-mail: users-h...@tapestry.apache.org
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
> For additional commands, e-mail: users-h...@tapestry.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org

Reply via email to