I think maintaining menu.xml will be much easier than doing this programatically,
regards Malcolm Edgar On Thu, Jul 2, 2009 at 1:16 PM, dian ruzda<[email protected]> wrote: > can we make menu control by programatically, so I shouldn't write menu.xml > again, all menu configuration create otomatically by program ? > > > On Thu, Jul 2, 2009 at 12:44 AM, Bert Heikamp <[email protected]> wrote: >> >> Hi, >> >> This is how I did it, >> >> #if ($topMenu.isUserInRoles() || $topMenu.isUserInChildMenuRoles() || >> $topMenu.getRoles().size() == 0) >> >> in the menu.vm and >> >> <menu label="Administrator" path="index.htm" >> roles="ROLE_SUPER_ADMINISTRATOR"> >> >> in the menu.xml >> >> Hopes it help. >> >> Regard, >> >> Bert >> >> 2009/7/1 dian <[email protected]> >>> >>> hello all, >>> >>> I'am using spring security in my web app, I wanna get rolename from user >>> login to cuztom menu display in click, how to get role name value from >>> user >>> that was login ? >>> >>> >>> thx >>> >>> >>> >>> bheikamp wrote: >>> > >>> > Hi dian, >>> > I use Spring Security in Click, it works quit simpel, implement the >>> > spring >>> > security libs in you project. add the folowing configuration to your >>> > web.xml >>> > >>> > <!-- ================================== --> >>> > <!-- Servlet Context Listeners --> >>> > <!-- ================================== --> >>> > <listener> >>> > >>> > <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> >>> > </listener> >>> > <!-- ================================== --> >>> > <!-- CONTEXT PARAMETERS --> >>> > <!-- ================================== --> >>> > <context-param> >>> > <param-name>contextConfigLocation</param-name> >>> > <param-value>classpath:application-context.xml</param-value> >>> > </context-param> >>> > <filter> >>> > <filter-name>springSecurityFilterChain</filter-name> >>> > >>> > <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> >>> > </filter> >>> > <filter-mapping> >>> > <filter-name>springSecurityFilterChain</filter-name> >>> > <url-pattern>/*</url-pattern> >>> > </filter-mapping> >>> > >>> > >>> > add the folowing to your application context, provided that you >>> > implement >>> > a >>> > dataSource to your project, this you can also be done in spring by >>> > using >>> > hibernate as persistance layer. >>> > >>> > <security:http auto-config="true" access-denied-page="/denied.htm"> >>> > <security:intercept-url pattern="/some_path/*" >>> > access="ROLE_ADMINISTRATOR" >>> > /> >>> > <security:intercept-url pattern="/**" >>> > access="IS_AUTHENTICATED_ANONYMOUSLY" >>> > /> >>> > <security:form-login login-page="/logon.htm" >>> > authentication-failure-url="/logon.htm?login_error=1" /> >>> > </security:http> >>> > <security:authentication-provider> >>> > <security:jdbc-user-service data-source-ref="dataSource" >>> > authorities-by-username-query="SELECT username,authority FROM authority >>> > WHERE username=?" >>> > users-by-username-query="SELECT username,password,active FROM users >>> > WHERE >>> > username=?" /> >>> > </security:authentication-provider> >>> > >>> > create 2 table's: >>> > >>> > - authority with a usernae and authority and make sure a user has a >>> > ROLE_ADMINISTRATOR or something like that, default it has to start >>> > with >>> > ROLE_, >>> > - users, with a username, password and active. >>> > >>> > your login page : >>> > >>> > public class LogonPage extends TemplatePage { >>> > >>> > public Form form = new Form(); >>> > >>> > public LogonPage() { >>> > setTitle("Loging page"); >>> > >>> > form.setActionURL("j_spring_security_check"); >>> > form.setMethod("post"); >>> > form.setJavaScriptValidation(true); >>> > >>> > TextField userName = new TextField("j_username"); >>> > userName.setRequired(true); >>> > userName.setFocus(true); >>> > userName.setLabel("gebruikersNaam"); >>> > form.add(userName); >>> > >>> > PasswordField password = new PasswordField("j_password"); >>> > password.setRequired(true); >>> > password.setLabel("Wachtwoord"); >>> > form.add(password); >>> > >>> > form.add(new NextButton("ok", " logon ", this, "onOkClicked")); >>> > } >>> > >>> > @Override public void onInit() { >>> > super.onInit(); >>> > if (getParameter("login_error") != null && >>> > getParameter("login_error").equals("1")) { >>> > msg = "fout bij aanmelden !"; >>> > } >>> > } >>> > } >>> > >>> > that's all, this works much easier than the J2EE implementation. >>> > >>> > Suc6 >>> > >>> > Kind Regards, >>> > >>> > Bert Heikamp >>> > >>> > 2009/1/6 dian ruzda <[email protected]> >>> > >>> >> Hello all, >>> >> >>> >> I still confuse to implements how to make authentification and >>> >> authorization in click framework. >>> >> I was read click manual and best practise but It can't explaine me >>> >> more. >>> >> does any body can give me simple template about implementation >>> >> security >>> >> in >>> >> click framework ? >>> >> >>> >> >>> >> thx.. >>> >> >>> > >>> > >>> >>> -- >>> View this message in context: >>> http://n2.nabble.com/security-in-click-tp2116683p3191195.html >>> Sent from the click-user mailing list archive at Nabble.com. >>> >> > >
