thanks for the help. I removed my Interface and now i get a NullPointerException
* RequiresLoginFilter.dispatchedToLoginPage(RequiresLoginFilter.java:66)
*
services.RequiresLoginFilter.handlePageRender(RequiresLoginFilter.java:57)
*
org.apache.tapestry5.services.InitializeActivePageName.handlePageRender(InitializeActivePageName.java:47)
*
org.apache.tapestry5.internal.services.RootPathDispatcher.dispatch(RootPathDispatcher.java:66)
*
org.apache.tapestry5.services.TapestryModule$RequestHandlerTerminator.service(TapestryModule.java:302)
* .services.PmsModule$1.service(PmsModule.java:115)
*
org.apache.tapestry5.internal.services.RequestErrorFilter.service(RequestErrorFilter.java:26)
*
org.apache.tapestry5.services.TapestryModule$3.service(TapestryModule.java:902)
*
org.apache.tapestry5.services.TapestryModule$2.service(TapestryModule.java:892)
*
org.apache.tapestry5.internal.services.StaticFilesFilter.service(StaticFilesFilter.java:90)
*
org.apache.tapestry5.internal.services.CheckForUpdatesFilter$2.invoke(CheckForUpdatesFilter.java:105)
*
org.apache.tapestry5.internal.services.CheckForUpdatesFilter$2.invoke(CheckForUpdatesFilter.java:95)
*
org.apache.tapestry5.ioc.internal.util.ConcurrentBarrier.withRead(ConcurrentBarrier.java:85)
*
org.apache.tapestry5.internal.services.CheckForUpdatesFilter.service(CheckForUpdatesFilter.java:119)
*
org.apache.tapestry5.services.TapestryModule$HttpServletRequestHandlerTerminator.service(TapestryModule.java:253)
*
org.apache.tapestry5.internal.gzip.GZipFilter.service(GZipFilter.java:53)
*
org.apache.tapestry5.internal.services.IgnoredPathsFilter.service(IgnoredPathsFilter.java:62)
*
org.apache.tapestry5.services.TapestryModule$1.service(TapestryModule.java:852)
* org.apache.tapestry5.TapestryFilter.doFilter(TapestryFilter.java:171)
public class RequiresLoginFilter implements ComponentRequestFilter {
private PageRenderLinkSource renderLinkSource;
private ComponentSource componentSource;
private Response response;
private AuthenticatorImp authService;
public void PageAccessFilter(PageRenderLinkSource renderLinkSource,
ComponentSource componentSource, Response response,
AuthenticatorImp authService) {
this.renderLinkSource = renderLinkSource;
this.componentSource = componentSource;
this.response = response;
this.authService = authService;
}
public void handleComponentEvent(
ComponentEventRequestParameters parameters,
ComponentRequestHandler handler) throws IOException {
if (dispatchedToLoginPage(parameters.getActivePageName())) {
return;
}
handler.handleComponentEvent(parameters);
}
public void handlePageRender(PageRenderRequestParameters parameters,
ComponentRequestHandler handler) throws IOException {
if (dispatchedToLoginPage(parameters.getLogicalPageName())) {
return;
}
handler.handlePageRender(parameters);
}
private boolean dispatchedToLoginPage(String pageName) throws IOException {
if (authService.isLoggedIn()) { // line 66
return false;
}
Component page = componentSource.getPage(pageName);
if (!page.getClass().isAnnotationPresent(RequiresLogin.class)) {
return false;
}
Link link = renderLinkSource.createPageRenderLink("Login");
response.sendRedirect(link);
return true;
}
}
public class RequiresLoginFilter implements ComponentRequestFilter {
private PageRenderLinkSource renderLinkSource;
private ComponentSource componentSource;
private Response response;
private AuthenticatorImp authService;
public void PageAccessFilter(PageRenderLinkSource renderLinkSource,
ComponentSource componentSource, Response response,
AuthenticatorImp authService) {
this.renderLinkSource = renderLinkSource;
this.componentSource = componentSource;
this.response = response;
this.authService = authService;
}
public void handleComponentEvent(
ComponentEventRequestParameters parameters,
ComponentRequestHandler handler) throws IOException {
if (dispatchedToLoginPage(parameters.getActivePageName())) {
return;
}
handler.handleComponentEvent(parameters);
}
public void handlePageRender(PageRenderRequestParameters parameters,
ComponentRequestHandler handler) throws IOException {
if (dispatchedToLoginPage(parameters.getLogicalPageName())) {
return;
}
handler.handlePageRender(parameters);
}
private boolean dispatchedToLoginPage(String pageName) throws IOException { //
line 57
if (authService.isLoggedIn()) {
return false;
}
Component page = componentSource.getPage(pageName);
if (!page.getClass().isAnnotationPresent(RequiresLogin.class)) {
return false;
}
Link link = renderLinkSource.createPageRenderLink("Login");
response.sendRedirect(link);
return true;
}
}
public class AuthenticatorImp implements AuthenticatorInterface{
public static final String AUTH_TOKEN = "authToken";
/**
*
*/
public AuthenticatorImp() {
super();
// TODO Auto-generated constructor stub
}
/**
* @param request
*/
public AuthenticatorImp(Request request) {
super();
this.request = request;
}
@Inject
private Request request;
public Mitarbeiter getLoggedUser() {
Mitarbeiter user = null;
if (isLoggedIn())
user = (Mitarbeiter)
request.getSession(true).getAttribute(AUTH_TOKEN);
else
throw new IllegalStateException("The user is not logged ! ");
return user;
}
public boolean isLoggedIn() {
org.apache.tapestry5.services.Session session = request.getSession(true);
if (session != null) { return session.getAttribute(AUTH_TOKEN) !=
null; }
return false;
}
@SuppressWarnings("unchecked")
public void login(String nickName, String password, org.hibernate.Session
session)
throws NoSuchAlgorithmException, UnsupportedEncodingException {
MitarbeiterDaoImpl mitarbeiterDao = new MitarbeiterDaoImpl( Mitarbeiter.class,
session);
Mitarbeiter authUser = mitarbeiterDao.authenticate(nickName,
Encrypt.MD5(password));
try{
request.getSession(true).setAttribute(AUTH_TOKEN, authUser);
}
catch(NullPointerException e){
System.out.println("Beim Einlogen ist ein fehler aufgetreten");
}
}
public void logout() {
org.apache.tapestry5.services.Session session = request.getSession(false);
if (session != null)
{
session.setAttribute(AUTH_TOKEN, null);
session.invalidate();
}
}
}
________________________________
De : Taha Hafeez Siddiqi <tawus.tapes...@gmail.com>
À : Tapestry users <users@tapestry.apache.org>
Envoyé le : Mardi 6 août 2013 14h41
Objet : Re: Securing page with Tapestry
Are you defining your own ComponentRequestFilter interface? As you have
included the code for that I am assuming you have.
You have to implement Tapestry's ComponentRequestFilter, not your own as you
can't contribute to the RequestHandler any other implementation.
regards
Taha
On 06-Aug-2013, at 5:53 PM, Will N. <llcool_wil...@yahoo.fr> wrote:
Am 06.08.2013 14:13, schrieb Thiago H de Paula Figueiredo:
I'm sorry, I should have asked for your ComponentRequestFilter implementation
source too. ;)
On Tue, 06 Aug 2013 08:31:15 -0300, Will N. <llcool_wil...@yahoo.fr> wrote:
Am 06.08.2013 13:25, schrieb Thiago H de Paula Figueiredo:
On Tue, 06 Aug 2013 05:10:37 -0300, Will N. <llcool_wil...@yahoo.fr> wrote:
Hi,
Hi!
I am trying secure some pages of my application as shown in this tutorial.
http://tapestryjava.blogspot.co.uk/search/label/security
But I am having following error message when I start the application.
Since the RequiresLoginFilte class implements the ComponentRequestFilter
interface, I am confused about the coertion error!
The error is weird. Could you post your
PmsModule.contributeComponentRequestHandler() method
/**
* This module is automatically included as part of the Tapestry IoC Registry,
* it's a good place to configure and extend Tapestry, or to place your own
* service definitions. spring
*/
public class PmsModule {
// public static void bind(ServiceBinder binder) {
// // binder.bind(MyServiceInterface.class, MyServiceImpl.class);
//
// // Make bind() calls on the binder object to define most IoC services.
// // Use service builder methods (example below) when the implementation
// // is provided inline, or requires more initialization than simply
// // invoking the constructor.
// binder.bind(ArbeitspaketDao.class, ArbeitspaketDaoImpl.class);
// binder.bind(AufgabeDao.class, AufgabeDaoImpl.class);
// binder.bind(BasicDao.class, BasicDaoImpl.class);
// binder.bind(FunktionDao.class, FunktionDaoImpl.class);
//// binder.bind(GrantedAuthorityBeanDao.class,
//// GrantedAuthorityBeanDaoImpl.class);
// binder.bind(MitarbeiterDao.class, MitarbeiterDaoImpl.class);
// binder.bind(MitarbeiterProjektDao.class,
// MitarbeiterProjektDaoImpl.class);
// binder.bind(ModulDao.class, ModulDaoImpl.class);
// binder.bind(PersonMonatDao.class, PersonMonatDaoImpl.class);
// binder.bind(UserDataDao.class, UserDataDaoImpl.class);
// binder.bind(ProjektDao.class, ProjektDaoImpl.class);
// binder.bind(UnteraufgabeDao.class, UnteraufgabeDaoImpl.class);
// binder.bind(UnterunteraufgabeDao.class,
UnterunteraufgabeDaoImpl.class);
//
// }
public static void contributeFactoryDefaults(
MappedConfiguration<String, Object> configuration) {
// The application version number is incorprated into URLs for some
// assets. Web browsers will cache assets because of the far future
// expires
// header. If existing assets are changed, the version number should
// also
// change, to force the browser to download new versions. This
overrides
// Tapesty's default
// (a random hexadecimal number), but may be further overriden by
// DevelopmentModule or
// QaModule.
configuration.override(SymbolConstants.APPLICATION_VERSION,
"1.0-SNAPSHOT");
}
public static void contributeApplicationDefaults(
MappedConfiguration<String, Object> configuration) {
// Contributions to ApplicationDefaults will override any
contributions
// to
// FactoryDefaults (with the same key). Here we're restricting the
// supported
// locales to just "en" (English). As you add localised message
catalogs
// and other assets,
// you can extend this list of locales (it's a comma separated series
of
// locale names;
// the first locale name is the default when there's no reasonable
// match).
// configuration.add(SymbolConstants.SUPPORTED_LOCALES, "en");
configuration.add(SymbolConstants.SUPPORTED_LOCALES, "de");
configuration.add(SymbolConstants.COMPRESS_WHITESPACE, "true");
}
/**
* This is a service definition, the service will be named "TimingFilter".
* The interface, RequestFilter, is used within the RequestHandler service
* pipeline, which is built from the RequestHandler service configuration.
* Tapestry IoC is responsible for passing in an appropriate Logger
* instance. Requests for static resources are handled at a higher level,
so
* this filter will only be invoked for Tapestry related requests.
* <p/>
* <p/>
* Service builder methods are useful when the implementation is inline as
* an inner class (as here) or require some other kind of special
* initialization. In most cases, use the static bind() method instead.
* <p/>
* <p/>
* If this method was named "build", then the service id would be taken
from
* the service interface and would be "RequestFilter". Since Tapestry
* already defines a service named "RequestFilter" we use an explicit
* service id that we can reference inside the contribution method.
*/
public RequestFilter buildTimingFilter(final Logger log) {
return new RequestFilter() {
public boolean service(Request request, Response response,
RequestHandler handler) throws IOException {
long startTime = System.currentTimeMillis();
try {
// The responsibility of a filter is to invoke the
// corresponding method
// in the handler. When you chain multiple filters
together,
// each filter
// received a handler that is a bridge to the next filter.
return handler.service(request, response);
} finally {
long elapsed = System.currentTimeMillis() - startTime;
log.info(String.format("Request time: %d ms", elapsed));
}
}
};
}
/**
* This is a contribution to the RequestHandler service configuration.
This
* is how we extend Tapestry using the timing filter. A common use for
this
* kind of filter is transaction management or security. The @Local
* annotation selects the desired service by type, but only from the same
* module. Without @Local, there would be an error due to the other
* service(s) that implement RequestFilter (defined in other modules).
*/
public void contributeRequestHandler(OrderedConfiguration<RequestFilter>
configuration, @Local RequestFilter filter) {
// Each contribution to an ordered configuration has a name, When
// necessary, you may
// set constraints to precisely control the invocation order of the
// contributed filter
// within the pipeline.
configuration.add("Timing", filter);
}
@SuppressWarnings("unchecked")
public static void contributeComponentRequestHandler(OrderedConfiguration
configuration) {
configuration.addInstance("RequiresLogin",
RequiresLoginFilter.class);
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
import java.io.IOException;
import org.apache.tapestry5.services.ComponentEventRequestParameters;
import org.apache.tapestry5.services.ComponentRequestHandler;
import org.apache.tapestry5.services.PageRenderRequestParameters;
/**
* Filter interface for {@link
org.apache.tapestry5.services.ComponentRequestHandler}.
*/
/**
* Our implementation of this filter will check the page referenced in the
request to see if it has the annotation.
* If the annotation is present and the user has not yet logged in, we'll
redirect to the Login page.
* When a redirect is not necessary, we delegate to the next handler in the
pipeline2:
*/
public interface ComponentRequestFilter
{
/**
* Handler for a component action request which will trigger an event on a
component and use the return value to
* send a response to the client (typically, a redirect to a page render
URL).
*
* @param parameters defining the request
* @param handler next handler in the pipeline
*/
void handleComponentEvent(ComponentEventRequestParameters parameters,
ComponentRequestHandler handler)
throws IOException;
/**
* Invoked to activate and render a page. In certain cases, based on
values returned when activating the page, a
* {@link org.apache.tapestry5.services.ComponentEventResultProcessor} may
be used to send an alternate response
* (typically, a redirect).
*
* @param parameters defines the page name and activation context
* @param handler next handler in the pipeline
*/
void handlePageRender(PageRenderRequestParameters parameters,
ComponentRequestHandler handler) throws IOException;
}
import java.io.IOException;
import org.apache.tapestry5.Link;
import org.apache.tapestry5.runtime.Component;
import org.apache.tapestry5.services.ComponentEventRequestParameters;
import org.apache.tapestry5.services.ComponentRequestHandler;
import org.apache.tapestry5.services.ComponentSource;
import org.apache.tapestry5.services.PageRenderLinkSource;
import org.apache.tapestry5.services.PageRenderRequestParameters;
import org.apache.tapestry5.services.Response;
import com.example.pms.annotations.*;
public class RequiresLoginFilter implements ComponentRequestFilter {
private PageRenderLinkSource renderLinkSource;
private ComponentSource componentSource;
private Response response;
// private final AuthenticationService authService;
private AuthenticatorImp authService;
public void PageAccessFilter(PageRenderLinkSource renderLinkSource,
ComponentSource componentSource,
Response response, AuthenticatorImp
authService) {
this.renderLinkSource = renderLinkSource;
this.componentSource = componentSource;
this.response = response;
this.authService = authService;
}
public void handleComponentEvent(
ComponentEventRequestParameters parameters,
ComponentRequestHandler handler) throws IOException {
if (dispatchedToLoginPage(parameters.getActivePageName())) {
return;
}
handler.handleComponentEvent(parameters);
}
public void handlePageRender(PageRenderRequestParameters parameters,
ComponentRequestHandler handler) throws IOException {
if (dispatchedToLoginPage(parameters.getLogicalPageName())) {
return;
}
handler.handlePageRender(parameters);
}
private boolean dispatchedToLoginPage(String pageName) throws IOException {
if (authService.isLoggedIn()) {
return false;
}
Component page = componentSource.getPage(pageName);
if (! page.getClass().isAnnotationPresent(RequiresLogin.class)) {
return false;
}
Link link = renderLinkSource.createPageRenderLink("Index");
response.sendRedirect(link);
return true;
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
