main.pageCache https.html security.html

buildbot Sat, 25 Jan 2014 05:21:42 -0800

Author: buildbot
Date: Sat Jan 25 13:20:42 2014
New Revision: 895386

Log:
Production update by buildbot for tapestry


Modified:
    websites/production/tapestry/content/cache/main.pageCache
    websites/production/tapestry/content/https.html
    websites/production/tapestry/content/security.html

Modified: websites/production/tapestry/content/cache/main.pageCache
==============================================================================
Binary files - no diff available.

Modified: websites/production/tapestry/content/https.html
==============================================================================
--- websites/production/tapestry/content/https.html (original)
+++ websites/production/tapestry/content/https.html Sat Jan 25 13:20:42 2014
@@ -69,7 +69,37 @@
   </div>
 
 <div id="content">
-<div id="ConfluenceContent"><h1 
id="HTTPS-SecuringyourapplicationwithHTTPS">Securing your application with 
HTTPS</h1><p>Tapestry assumes your application will be primarily deployed as a 
standard web application, using HTTP (not HTTPS) as the transport 
mechanism.</p><p>However, many applications will need to have some of their 
pages secured: only accessible via HTTPS. This could be a login page, or a 
product ordering wizard, or administrative pages.</p><p>All that is necessary 
to mark a page as secure is to add the @Secure annotation to the page 
class:</p><div class="code panel pdl" style="border-width: 1px;"><div 
class="codeContent panelContent pdl">
+<div id="ConfluenceContent"><h1 
id="HTTPS-SecuringyourapplicationwithHTTPS">Securing your application with 
HTTPS</h1><pre>&#160;</pre><div class="navmenu" style="float:right; 
background:#eee; margin:3px; padding:3px">
+<h3>Related Articles</h3>
+<ul class="content-by-label"><li>
+            <div>
+                    <span class="icon icon-page" title="Page">Page:</span>     
       </div>
+
+            <div class="details">
+                            <a shape="rect" href="security-faq.html">Security 
FAQ</a>
+                    
+                
+                            </div>
+        </li><li>
+            <div>
+                    <span class="icon icon-page" title="Page">Page:</span>     
       </div>
+
+            <div class="details">
+                            <a shape="rect" href="security.html">Security</a>
+                    
+                
+                            </div>
+        </li><li>
+            <div>
+                    <span class="icon icon-page" title="Page">Page:</span>     
       </div>
+
+            <div class="details">
+                            <a shape="rect" href="https.html">HTTPS</a>
+                    
+                
+                            </div>
+        </li></ul>
+</div><p>Tapestry assumes your application will be primarily deployed as a 
standard web application, using HTTP&#160;(not HTTPS) as the transport 
mechanism.</p><p>However, many applications will need to have some of their 
pages secured: only accessible via HTTPS. This could be a login page, or a 
product ordering wizard, or administrative pages.</p><p>All that is necessary 
to mark a page as secure is to add the @Secure annotation to the page 
class:</p><div class="code panel pdl" style="border-width: 1px;"><div 
class="codeContent panelContent pdl">
 <script class="theme: Default; brush: java; gutter: false" 
type="syntaxhighlighter"><![CDATA[@Secure
 public class ProcessOrder
 {

Modified: websites/production/tapestry/content/security.html
==============================================================================
--- websites/production/tapestry/content/security.html (original)
+++ websites/production/tapestry/content/security.html Sat Jan 25 13:20:42 2014
@@ -108,7 +108,7 @@
                 
                             </div>
         </li></ul>
-</div><h2 id="Security-HTTPS-onlyPages">HTTPS-only Pages</h2><p>Main Article: 
<a shape="rect" href="https.html">HTTPS</a></p><p>Tapestry provides several 
annotations and configuration settings that you can use to&#160;<span 
style="text-align: justify;line-height: 1.4285715;">ensure that all access to 
certain pages&#8211;or all pages&#8211;occurs only via the encrypted HTTPS 
protocol</span><span style="text-align: justify;line-height: 1.4285715;">. 
See&#160;<a shape="rect" href="https.html">HTTPS</a> for details.</span></p><h2 
id="Security-ControllingPageAccess"><span style="text-align: 
justify;line-height: 1.4285715;">Controlling Page Access</span></h2><p><span 
style="text-align: justify;line-height: 1.4285715;">&#160;</span></p><div 
class="navmenu" style="float:right; background:#eee; margin:3px; padding:0 1em">
+</div><h2 id="Security-HTTPS-onlyPages">HTTPS-only Pages</h2><p>Main Article: 
<a shape="rect" href="https.html">HTTPS</a></p><p>Tapestry provides several 
annotations and configuration settings that you can use to&#160;<span 
style="text-align: justify;line-height: 1.4285715;">ensure that all access to 
certain pages (or all pages) occurs only via the encrypted HTTPS 
protocol</span><span style="text-align: justify;line-height: 1.4285715;">. 
See&#160;<a shape="rect" href="https.html">HTTPS</a> for details.</span></p><h2 
id="Security-ControllingPageAccess"><span style="text-align: 
justify;line-height: 1.4285715;">Controlling Page Access</span></h2><p><span 
style="text-align: justify;line-height: 1.4285715;">&#160;</span></p><div 
class="navmenu" style="float:right; background:#eee; margin:3px; padding:0 1em">
 <p>    <strong>JumpStart Demo:</strong><br clear="none">
     <a shape="rect" class="external-link" 
href="http://jumpstart.doublenegative.com.au/jumpstart/examples/infrastructure/protectingpages";
 >Protecting Pages</a></p></div><p><span style="text-align: 
justify;line-height: 1.4285715;">For simple access control needs, you can 
contribute a&#160;<span><a shape="rect" class="external-link" 
href="http://tapestry.apache.org/current/apidocs/org/apache/tapestry5/services/ComponentRequestFilter.html";>ComponentRequestFilter</a>
 with your custom logic that decides which pages should be accessed by which 
users.</span></span></p><p><span style="line-height: 1.4285715;text-align: 
justify;">For more advanced needs see the Security Framework Integration 
section below.</span></p><h2 id="Security-White-listedPages">White-listed 
Pages</h2><p>Pages whose component classes are annotated with&#160;@<a 
shape="rect" class="external-link" 
href="http://tapestry.apache.org/current/apidocs/org/apache/tapestry5/annotations/WhitelistAccessOnly.html";>WhitelistAccessOn
 ly</a>&#160;will only be displayed to users (clients) that are on 
the&#160;<em>whitelist</em>. By default the whitelist consists only of clients 
whose fully-qualified domain name is "localhost" (or the IP address equivalent, 
127.0.0.1 or 0:0:0:0:0:0:0:1),&#160;but you can customize this by contributing 
to the ClientWhitelist service&#160;in your application's module class (usually 
AppModule.java):</p><div class="code panel pdl" style="border-width: 1px;"><div 
class="codeHeader panelHeader pdl" style="border-bottom-width: 
1px;"><b>AppModule.java (partial) &#8211; simple inline example</b></div><div 
class="codeContent panelContent pdl">
 <script class="theme: Default; brush: java; gutter: false" 
type="syntaxhighlighter"><![CDATA[    @Contribute(ClientWhitelist.class)

svn commit: r895386 - in /websites/production/tapestry/content: cache/main.pageCache https.html security.html

Reply via email to