@Mario and Martin; nice to see you guys back.
Why don't we create both a security resolver and the secure tag. So the users may choose the way they want to handle the security.
We could also make the s:secure depend on the securityBean so the whole control logic will be done in the business tier.
Cagatay
On 8/16/06, Martin Marinschek <[EMAIL PROTECTED]> wrote:
Hi Mike,
Yeah, back from Iceland - I've had nice vacations!
@panelGroup and being rendered: You're right, it did in the beginning,
but I changed it as this was wrong according to the spec... it will
only render a span if necessary, yes.
Then the only remaining issue is that with our suggestion, the
rendered-attribute might contain references to both security related
conditions _and_ other conditions - so a clear separation might not be
provided by this.
An <s:secure/>-tag might be more explicit - the question is if the
security should really be in the view-layer, though. It's much better
to have it in a security bean and therefore in the business-logic
(then you can also access the logic from other beans, if needed).
It is then also possible to extend the security-bean, and have some
specific methods for use of the application. I'm not sure how this
would work with a resolver.
regards,
Martin
On 8/16/06, Mike Kienenberger <[EMAIL PROTECTED]> wrote:
> On 8/16/06, Martin Marinschek < [EMAIL PROTECTED]> wrote:
> > Well, one reason for having an s:secure tag would be that panelGroup
> > will render a span - which we probably don't want in this case.
>
> Martin, good to see you back :-)
>
> I don't think a panelGroup renders anything unless you specify an
> attribute that requires it, like id or a style. I use hundreds of
> panelGroups and I don't see any spans in my generated html under
> Facelets.
>
--
http://www.irian.at
Your JSF powerhouse -
JSF Consulting, Development and
Courses in English and German
Professional Support for Apache MyFaces
