Hi, where is the registration of AuthenticatorImp implements AuthenticatorInterface? I can not see it in your binder.bind
Your constructor looks weird: public void PageAccessFilter in class RequiresLoginFilter ??? You should pass the interface there, not the impl. Kind regards David Am 07.08.2013 16:12, schrieb Willy Browne: > thanks for the help. I removed my Interface and now i get a > NullPointerException > * RequiresLoginFilter.dispatchedToLoginPage(RequiresLoginFilter.java:66) > * > services.RequiresLoginFilter.handlePageRender(RequiresLoginFilter.java:57) > * > org.apache.tapestry5.services.InitializeActivePageName.handlePageRender(InitializeActivePageName.java:47) > * > org.apache.tapestry5.internal.services.RootPathDispatcher.dispatch(RootPathDispatcher.java:66) > * > org.apache.tapestry5.services.TapestryModule$RequestHandlerTerminator.service(TapestryModule.java:302) > * .services.PmsModule$1.service(PmsModule.java:115) > * > org.apache.tapestry5.internal.services.RequestErrorFilter.service(RequestErrorFilter.java:26) > * > org.apache.tapestry5.services.TapestryModule$3.service(TapestryModule.java:902) > * > org.apache.tapestry5.services.TapestryModule$2.service(TapestryModule.java:892) > * > org.apache.tapestry5.internal.services.StaticFilesFilter.service(StaticFilesFilter.java:90) > * > org.apache.tapestry5.internal.services.CheckForUpdatesFilter$2.invoke(CheckForUpdatesFilter.java:105) > * > org.apache.tapestry5.internal.services.CheckForUpdatesFilter$2.invoke(CheckForUpdatesFilter.java:95) > * > org.apache.tapestry5.ioc.internal.util.ConcurrentBarrier.withRead(ConcurrentBarrier.java:85) > * > org.apache.tapestry5.internal.services.CheckForUpdatesFilter.service(CheckForUpdatesFilter.java:119) > * > org.apache.tapestry5.services.TapestryModule$HttpServletRequestHandlerTerminator.service(TapestryModule.java:253) > * > org.apache.tapestry5.internal.gzip.GZipFilter.service(GZipFilter.java:53) > * > org.apache.tapestry5.internal.services.IgnoredPathsFilter.service(IgnoredPathsFilter.java:62) > * > org.apache.tapestry5.services.TapestryModule$1.service(TapestryModule.java:852) > * org.apache.tapestry5.TapestryFilter.doFilter(TapestryFilter.java:171) > > public class RequiresLoginFilter implements ComponentRequestFilter { > private PageRenderLinkSource renderLinkSource; > > private ComponentSource componentSource; > private Response response; > > private AuthenticatorImp authService; > > public void PageAccessFilter(PageRenderLinkSource renderLinkSource, > ComponentSource componentSource, Response response, > AuthenticatorImp authService) { > > this.renderLinkSource = renderLinkSource; > this.componentSource = componentSource; > this.response = response; > this.authService = authService; > > } > > public void handleComponentEvent( > ComponentEventRequestParameters parameters, > ComponentRequestHandler handler) throws IOException { > > if (dispatchedToLoginPage(parameters.getActivePageName())) { > return; > } > > handler.handleComponentEvent(parameters); > > } > > public void handlePageRender(PageRenderRequestParameters parameters, > ComponentRequestHandler handler) throws IOException { > if (dispatchedToLoginPage(parameters.getLogicalPageName())) { > return; > } > > handler.handlePageRender(parameters); > } > > private boolean dispatchedToLoginPage(String pageName) throws IOException { > if (authService.isLoggedIn()) { // line 66 > return false; > } > > Component page = componentSource.getPage(pageName); > > if (!page.getClass().isAnnotationPresent(RequiresLogin.class)) { > return false; > } > > Link link = renderLinkSource.createPageRenderLink("Login"); > > response.sendRedirect(link); > > return true; > } > } > > > public class RequiresLoginFilter implements ComponentRequestFilter { > private PageRenderLinkSource renderLinkSource; > > private ComponentSource componentSource; > private Response response; > > private AuthenticatorImp authService; > > public void PageAccessFilter(PageRenderLinkSource renderLinkSource, > ComponentSource componentSource, Response response, > AuthenticatorImp authService) { > > this.renderLinkSource = renderLinkSource; > this.componentSource = componentSource; > this.response = response; > this.authService = authService; > > } > > public void handleComponentEvent( > ComponentEventRequestParameters parameters, > ComponentRequestHandler handler) throws IOException { > > if (dispatchedToLoginPage(parameters.getActivePageName())) { > return; > } > > handler.handleComponentEvent(parameters); > > } > > public void handlePageRender(PageRenderRequestParameters parameters, > ComponentRequestHandler handler) throws IOException { > if (dispatchedToLoginPage(parameters.getLogicalPageName())) { > return; > } > > handler.handlePageRender(parameters); > } > > private boolean dispatchedToLoginPage(String pageName) throws IOException { > // line 57 > if (authService.isLoggedIn()) { > return false; > } > > Component page = componentSource.getPage(pageName); > > if (!page.getClass().isAnnotationPresent(RequiresLogin.class)) { > return false; > } > > Link link = renderLinkSource.createPageRenderLink("Login"); > > response.sendRedirect(link); > > return true; > } > } > > > > public class AuthenticatorImp implements AuthenticatorInterface{ > > public static final String AUTH_TOKEN = "authToken"; > /** > * > */ > public AuthenticatorImp() { > super(); > // TODO Auto-generated constructor stub > } > > /** > * @param request > */ > public AuthenticatorImp(Request request) { > super(); > this.request = request; > } > > > > > @Inject > private Request request; > public Mitarbeiter getLoggedUser() { > > Mitarbeiter user = null; > > if (isLoggedIn()) > user = (Mitarbeiter) > request.getSession(true).getAttribute(AUTH_TOKEN); > > else > throw new IllegalStateException("The user is not logged ! "); > > return user; > } > > public boolean isLoggedIn() { > org.apache.tapestry5.services.Session session = request.getSession(true); > if (session != null) { return session.getAttribute(AUTH_TOKEN) != > null; } > return false; > > } > > @SuppressWarnings("unchecked") > public void login(String nickName, String password, org.hibernate.Session > session) > throws NoSuchAlgorithmException, UnsupportedEncodingException { > MitarbeiterDaoImpl mitarbeiterDao = new MitarbeiterDaoImpl( > Mitarbeiter.class, session); > Mitarbeiter authUser = mitarbeiterDao.authenticate(nickName, > Encrypt.MD5(password)); > > try{ > request.getSession(true).setAttribute(AUTH_TOKEN, authUser); > } > catch(NullPointerException e){ > System.out.println("Beim Einlogen ist ein fehler aufgetreten"); > } > > > } > > public void logout() { > org.apache.tapestry5.services.Session session = request.getSession(false); > if (session != null) > { > session.setAttribute(AUTH_TOKEN, null); > session.invalidate(); > } > } > > > } > > ________________________________ > De : Taha Hafeez Siddiqi <tawus.tapes...@gmail.com> > À : Tapestry users <users@tapestry.apache.org> > Envoyé le : Mardi 6 août 2013 14h41 > Objet : Re: Securing page with Tapestry > > > Are you defining your own ComponentRequestFilter interface? As you have > included the code for that I am assuming you have. > > You have to implement Tapestry's ComponentRequestFilter, not your own as you > can't contribute to the RequestHandler any other implementation. > > regards > Taha > > On 06-Aug-2013, at 5:53 PM, Will N. <llcool_wil...@yahoo.fr> wrote: > >> Am 06.08.2013 14:13, schrieb Thiago H de Paula Figueiredo: >>> I'm sorry, I should have asked for your ComponentRequestFilter >>> implementation source too. ;) >>> >>> On Tue, 06 Aug 2013 08:31:15 -0300, Will N. <llcool_wil...@yahoo.fr> wrote: >>> >>>> Am 06.08.2013 13:25, schrieb Thiago H de Paula Figueiredo: >>>>> On Tue, 06 Aug 2013 05:10:37 -0300, Will N. <llcool_wil...@yahoo.fr> >>>>> wrote: >>>>> >>>>>> Hi, >>>>> Hi! >>>>> >>>>>> I am trying secure some pages of my application as shown in this >>>>>> tutorial. http://tapestryjava.blogspot.co.uk/search/label/security >>>>>> But I am having following error message when I start the application. >>>>>> Since the RequiresLoginFilte class implements the ComponentRequestFilter >>>>>> interface, I am confused about the coertion error! >>>>> The error is weird. Could you post your >>>>> PmsModule.contributeComponentRequestHandler() method >>>> /** >>>> * This module is automatically included as part of the Tapestry IoC >>>> Registry, >>>> * it's a good place to configure and extend Tapestry, or to place your >>>> own >>>> * service definitions. spring >>>> */ >>>> public class PmsModule { >>>> // public static void bind(ServiceBinder binder) { >>>> // // binder.bind(MyServiceInterface.class, MyServiceImpl.class); >>>> // >>>> // // Make bind() calls on the binder object to define most IoC >>>> services. >>>> // // Use service builder methods (example below) when the >>>> implementation >>>> // // is provided inline, or requires more initialization than >>>> simply >>>> // // invoking the constructor. >>>> // binder.bind(ArbeitspaketDao.class, ArbeitspaketDaoImpl.class); >>>> // binder.bind(AufgabeDao.class, AufgabeDaoImpl.class); >>>> // binder.bind(BasicDao.class, BasicDaoImpl.class); >>>> // binder.bind(FunktionDao.class, FunktionDaoImpl.class); >>>> //// binder.bind(GrantedAuthorityBeanDao.class, >>>> //// GrantedAuthorityBeanDaoImpl.class); >>>> // binder.bind(MitarbeiterDao.class, MitarbeiterDaoImpl.class); >>>> // binder.bind(MitarbeiterProjektDao.class, >>>> // MitarbeiterProjektDaoImpl.class); >>>> // binder.bind(ModulDao.class, ModulDaoImpl.class); >>>> // binder.bind(PersonMonatDao.class, PersonMonatDaoImpl.class); >>>> // binder.bind(UserDataDao.class, UserDataDaoImpl.class); >>>> // binder.bind(ProjektDao.class, ProjektDaoImpl.class); >>>> // binder.bind(UnteraufgabeDao.class, UnteraufgabeDaoImpl.class); >>>> // binder.bind(UnterunteraufgabeDao.class, >>>> UnterunteraufgabeDaoImpl.class); >>>> // >>>> // } >>>> >>>> public static void contributeFactoryDefaults( >>>> MappedConfiguration<String, Object> configuration) { >>>> // The application version number is incorprated into URLs for >>>> some >>>> // assets. Web browsers will cache assets because of the far >>>> future >>>> // expires >>>> // header. If existing assets are changed, the version number >>>> should >>>> // also >>>> // change, to force the browser to download new versions. This >>>> overrides >>>> // Tapesty's default >>>> // (a random hexadecimal number), but may be further overriden by >>>> // DevelopmentModule or >>>> // QaModule. >>>> configuration.override(SymbolConstants.APPLICATION_VERSION, >>>> "1.0-SNAPSHOT"); >>>> } >>>> >>>> public static void contributeApplicationDefaults( >>>> MappedConfiguration<String, Object> configuration) { >>>> // Contributions to ApplicationDefaults will override any >>>> contributions >>>> // to >>>> // FactoryDefaults (with the same key). Here we're restricting the >>>> // supported >>>> // locales to just "en" (English). As you add localised message >>>> catalogs >>>> // and other assets, >>>> // you can extend this list of locales (it's a comma separated >>>> series of >>>> // locale names; >>>> // the first locale name is the default when there's no reasonable >>>> // match). >>>> // configuration.add(SymbolConstants.SUPPORTED_LOCALES, "en"); >>>> configuration.add(SymbolConstants.SUPPORTED_LOCALES, "de"); >>>> configuration.add(SymbolConstants.COMPRESS_WHITESPACE, "true"); >>>> >>>> } >>>> >>>> /** >>>> * This is a service definition, the service will be named >>>> "TimingFilter". >>>> * The interface, RequestFilter, is used within the RequestHandler >>>> service >>>> * pipeline, which is built from the RequestHandler service >>>> configuration. >>>> * Tapestry IoC is responsible for passing in an appropriate Logger >>>> * instance. Requests for static resources are handled at a higher >>>> level, so >>>> * this filter will only be invoked for Tapestry related requests. >>>> * <p/> >>>> * <p/> >>>> * Service builder methods are useful when the implementation is >>>> inline as >>>> * an inner class (as here) or require some other kind of special >>>> * initialization. In most cases, use the static bind() method >>>> instead. >>>> * <p/> >>>> * <p/> >>>> * If this method was named "build", then the service id would be >>>> taken from >>>> * the service interface and would be "RequestFilter". Since Tapestry >>>> * already defines a service named "RequestFilter" we use an explicit >>>> * service id that we can reference inside the contribution method. >>>> */ >>>> public RequestFilter buildTimingFilter(final Logger log) { >>>> return new RequestFilter() { >>>> public boolean service(Request request, Response response, >>>> RequestHandler handler) throws IOException { >>>> long startTime = System.currentTimeMillis(); >>>> >>>> try { >>>> // The responsibility of a filter is to invoke the >>>> // corresponding method >>>> // in the handler. When you chain multiple filters >>>> together, >>>> // each filter >>>> // received a handler that is a bridge to the next >>>> filter. >>>> >>>> return handler.service(request, response); >>>> } finally { >>>> long elapsed = System.currentTimeMillis() - startTime; >>>> >>>> log.info(String.format("Request time: %d ms", >>>> elapsed)); >>>> } >>>> } >>>> }; >>>> } >>>> >>>> /** >>>> * This is a contribution to the RequestHandler service >>>> configuration. This >>>> * is how we extend Tapestry using the timing filter. A common use >>>> for this >>>> * kind of filter is transaction management or security. The @Local >>>> * annotation selects the desired service by type, but only from the >>>> same >>>> * module. Without @Local, there would be an error due to the other >>>> * service(s) that implement RequestFilter (defined in other modules). >>>> */ >>>> public void >>>> contributeRequestHandler(OrderedConfiguration<RequestFilter> >>>> configuration, @Local RequestFilter filter) { >>>> // Each contribution to an ordered configuration has a name, When >>>> // necessary, you may >>>> // set constraints to precisely control the invocation order of >>>> the >>>> // contributed filter >>>> // within the pipeline. >>>> >>>> configuration.add("Timing", filter); >>>> } >>>> >>>> >>>> @SuppressWarnings("unchecked") >>>> public static void >>>> contributeComponentRequestHandler(OrderedConfiguration configuration) { >>>> configuration.addInstance("RequiresLogin", >>>> RequiresLoginFilter.class); >>>> >>>> } >>>> >>>> >>>> >>>> >>>> >>>> >>>> } >>>> >>>> --------------------------------------------------------------------- >>>> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org >>>> For additional commands, e-mail: users-h...@tapestry.apache.org >>>> >>> >> >> >> import java.io.IOException; >> >> import org.apache.tapestry5.services.ComponentEventRequestParameters; >> import org.apache.tapestry5.services.ComponentRequestHandler; >> import org.apache.tapestry5.services.PageRenderRequestParameters; >> >> >> /** >> * Filter interface for {@link >> org.apache.tapestry5.services.ComponentRequestHandler}. >> */ >> /** >> * Our implementation of this filter will check the page referenced in the >> request to see if it has the annotation. >> * If the annotation is present and the user has not yet logged in, we'll >> redirect to the Login page. >> * When a redirect is not necessary, we delegate to the next handler in the >> pipeline2: >> */ >> public interface ComponentRequestFilter >> { >> /** >> * Handler for a component action request which will trigger an event on >> a component and use the return value to >> * send a response to the client (typically, a redirect to a page render >> URL). >> * >> * @param parameters defining the request >> * @param handler next handler in the pipeline >> */ >> void handleComponentEvent(ComponentEventRequestParameters parameters, >> ComponentRequestHandler handler) >> throws IOException; >> >> /** >> * Invoked to activate and render a page. In certain cases, based on >> values returned when activating the page, a >> * {@link org.apache.tapestry5.services.ComponentEventResultProcessor} >> may be used to send an alternate response >> * (typically, a redirect). >> * >> * @param parameters defines the page name and activation context >> * @param handler next handler in the pipeline >> */ >> void handlePageRender(PageRenderRequestParameters parameters, >> ComponentRequestHandler handler) throws IOException; >> } >> >> >> >> >> >> >> import java.io.IOException; >> >> import org.apache.tapestry5.Link; >> import org.apache.tapestry5.runtime.Component; >> import org.apache.tapestry5.services.ComponentEventRequestParameters; >> import org.apache.tapestry5.services.ComponentRequestHandler; >> import org.apache.tapestry5.services.ComponentSource; >> import org.apache.tapestry5.services.PageRenderLinkSource; >> import org.apache.tapestry5.services.PageRenderRequestParameters; >> import org.apache.tapestry5.services.Response; >> >> >> import com.example.pms.annotations.*; >> >> >> public class RequiresLoginFilter implements ComponentRequestFilter { >> >> private PageRenderLinkSource renderLinkSource; >> >> private ComponentSource componentSource; >> >> private Response response; >> >> // private final AuthenticationService authService; >> private AuthenticatorImp authService; >> >> >> public void PageAccessFilter(PageRenderLinkSource renderLinkSource, >> ComponentSource componentSource, >> Response response, AuthenticatorImp >> authService) { >> >> this.renderLinkSource = renderLinkSource; >> this.componentSource = componentSource; >> this.response = response; >> this.authService = authService; >> >> } >> >> public void handleComponentEvent( >> ComponentEventRequestParameters parameters, >> ComponentRequestHandler handler) throws IOException { >> >> if (dispatchedToLoginPage(parameters.getActivePageName())) { >> return; >> } >> >> handler.handleComponentEvent(parameters); >> >> } >> >> public void handlePageRender(PageRenderRequestParameters parameters, >> ComponentRequestHandler handler) throws IOException { >> >> if (dispatchedToLoginPage(parameters.getLogicalPageName())) { >> return; >> } >> >> handler.handlePageRender(parameters); >> } >> >> private boolean dispatchedToLoginPage(String pageName) throws IOException { >> >> if (authService.isLoggedIn()) { >> return false; >> } >> >> Component page = componentSource.getPage(pageName); >> >> if (! page.getClass().isAnnotationPresent(RequiresLogin.class)) { >> return false; >> } >> >> Link link = renderLinkSource.createPageRenderLink("Index"); >> >> response.sendRedirect(link); >> >> return true; >> } >> } >> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org >> For additional commands, e-mail: users-h...@tapestry.apache.org >> > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org > For additional commands, e-mail: users-h...@tapestry.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org