Thanks for your tips not to use JAAS. tapestry + spring + Hibernate is our way forward too!!
So can you please elaborate on your implementation? Did you actually enhance the AbstractComponent.renderComponent () ??
It's interesting that you do it on the Page by subclassing it. We want this control even more fine-grained like in TextFields etc. So we want to actually enhance the tapestry components themselves to tap into the SecurityContext.
Thanks, Karthik.
On 11/13/06, Andrea Chiumenti <[EMAIL PROTECTED]> wrote:
I've already developed this component and it works very fine, but a sggestion is not to use pure JAAS because in real business application for big companies JAAS is not sufficient.
For example we developed a login module that put a Principal subclass adding a businessUnit field. Then we subclassed the Page component adding isUserInRole(groupId, bunit). The login module put the principa as a state object via himind and isUserInRole does the rest. We then added a collections of allowed groups and b-units to the page and check principal against them, very handy, but of course not portable towards EJB, but we abandoned EJB time ago.
Anyway this module will be added to jfly.
ciao,
kiumaOn 11/13/06, Karthik N < [EMAIL PROTECTED] > wrote:Hello,-------------------------------------------------------------------------
Tacos 4.0.1 - We are contemplating adding an EnhancementWorker to the renderComponent method of AbstractComponent.
The idea is to be able to perform certain "Security" operations in a (hopefully) elegant fashion.
For eg. we have cases where a Tab should hide/show itself, a TextField should hide/show itself.
Here are the thoughts:
1) Introduce a formal parameter for each component something like renderIfUserInRoles ognl:{'ADMIN', 'SUPERVISOR'}
2) A custom EnhancementWorker to change the IWriter accordingly after calling a SecurityContext.isUserInRoles( {'ADMIN', 'SUPERVISOR'} ) which will check a ThreadLocal etc. (left out the gory details)
3) If the user is not in roles pass on a NullWriter to the component, so that it will not render its content.
So here are the questions:
1) After some digging we find that InjectAjaxComponentRenderWorker already enhances AbstractComponent.renderComponent(). Methods of this Worker are protected, so we plan to further override this implementation and use the approach described in http://hivemind.apache.org/override.html to override the service-point id="ComponentRenderInterceptor"
2) Is this a good idea?! We would love to hear some feedback.
Thanks, Karthik
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Tacos-devel mailing list
Tacos-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tacos-devel
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Tacos-devel mailing list
Tacos-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tacos-devel
--
Thanks, Karthik
------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________ Tacos-devel mailing list Tacos-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tacos-devel
