Hi, Our app is private, which means only the signin and related pages are visible without authentication. I've made this Loc to protect menu items,
val loggedIn = Loc.EarlyResponse(() => Full(RedirectResponse("/profile/login?returnTo="+S.uri)).filter(ignore => !User.loggedIn_?)) and while this works, I think there must be a better solution since: 1) It's easy to forget adding this to menu items that should be protected (ie most in our case) 2) It's not easy to add this to MenuItems generated by Lift, e.g. CRUDIfy entries. So, I created this DispatchPF LiftRules.dispatch.prepend(NamedPF("Protect") { case Req("profile" :: "login" :: Nil , "", _) => () => Empty case Req(_, "", _) => () => Full(RedirectResponse("/profile/login?returnTo="+S.uri)).filter(ignore => !User.loggedIn_?) }) but it doesn't seem to work since now /profile/login gives a 404. So basically, I have two questions 1) Is there a way for requests to "fall through" in the DispatchPF, ie /profile/login should just be processed as usual 2) Is there a better way to accomplish this? It seems the DispatchPF method would need to allow requests to javascript, css etc to be handled without authentication so you would have to maintain this "whitelist" (but this is less of a problem than maintaining the protected list) /Jeppe --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Lift" group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~----------~----~----~----~------~----~------~--~---