I'm still editing this. I accidentally saved instead of previewed -
sorry :-|
Apache Wiki wrote:
Dear Wiki user,
You have subscribed to a wiki page or wiki category on "Tapestry Wiki" for
change notification.
The following page has been changed by ChrisLewis:
http://wiki.apache.org/tapestry/Tapestry5HowToCreateADispatcher2
New page:
In the article Tapestry5HowToCreateADispatcher we covered the basics of
creating a Dispatcher and getting it into the pipeline. This quick article is a
suppliment to that one, continuing the example of implementing an access
control mechanism. Specifically, we will cover how to access request-specific
state objects (ASOs) from a singleton service (our access controller).
Before reading this be sure to first read about how Tapestry manages
application state:
http://tapestry.apache.org/tapestry5/tapestry-core/guide/appstate.html
This is a fairly quick and painless read and should get you up to speed on what
application state is, when and why you need it, how to use it, and the basics
of how it works. The following javadocs are also worth pointing out:
[http://tapestry.apache.org/tapestry5/apidocs/org/apache/tapestry/annotations/ApplicationState.html
ApplicationState],
[http://tapestry.apache.org/tapestry5/apidocs/org/apache/tapestry/services/ApplicationStateManager.html
ApplicationStateManager]
== A Glance at the Problem ==
The access controller we've implemented is a singleton service. It doesn't make
sense to implement it per-request as the only per-request state it needs are
the access permissions of the requesting user. However we can't just annotate a
service field with @!ApplicationState as we normally would in a page or
component.
{{{
import java.io.IOException;
import org.apache.tapestry.services.ApplicationStateManager;
import org.apache.tapestry.services.Request;
import org.apache.tapestry.services.Response;
public class AccessController implements Dispatcher {
private ApplicationStateManager asm;
public SingletonAccessControllerImpl(ApplicationStateManager asm) {
this.asm = asm;
}
public boolean dispatch(Request request, Response response) throws
IOException {
boolean canAccess = false;
if(asm.exists(UserPermissions.class)) {
}
if(!canAccess) {
/*
* This is an unauthorized request, so throw an
exception. We'll need
* more grace than this, such as a customized exception
page and/or
* redirection to a login page...
*/
throw new RuntimeException("Access violation!");
}
return false;
}
}
}}}
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
