Chris, I'm about to embark on access control for a T5 app I'm building. Two years ago, I built a T4 app with Spring / Hibernate / Acegi. I had already digested much of the Spring docs even though I hadn't really used it, the Acegi docs obviously referred to Spring, and re-doing it in Hivemind when I was a rookie at Acegi, Spring and Hivemind didn't seem very bright.
The key is that tapestry-ioc in T5 (and Hivemind for T4) can be used *instead* of Spring. The challenge is having the knowledge to accomplish this when all of the documentation on Acegi talks about Spring. Spring is mainly just a means to configure Acegi, and make sure that Acegi information gets moved in and out of the session. Now, I'm about to try tapestry-aceci. Fortunately, the access control for this app is far simpler than what I had to do in T4, and my knowledge of Acegi and Spring grew dramatically through that old project. I'll probably take the time to understand tapestry-ioc this time. Hopefully I'll have some real pearls of wisdom to offer in a few days. Jonathan > -----Original Message----- > From: Chris Lewis [mailto:[EMAIL PROTECTED] > Sent: Saturday, January 05, 2008 6:43 PM > To: Tapestry users > Subject: T5: access control (again) > > Dear list - specifically all those having successful access control > implementations, > > I'd like to poll you for how you did it. Not so much the action of > authentication, but more so how access is monitored and restricted. This > is a well-known problem in general, but I've yet to see a satisfactory > and pluggable implementation. First, the basic details: > > A user can have one or more roles, and roles determine what that user > can and can't do/see/access. As I said, this is a well-known problem and > there's even an existing library for the task: tapestry-acegi. > > The good thing about tapestry-acegi is its 2 simple components. The make > perfect sense and make integration feel smooth and water-tight (ie, not > leaky). The bad things are: > 1) The documentation is basically non-existent and I have no idea how to > get it set up. Using the components is a no brainer - its the > infrastructure that loses me. > 2) It requires foreknowledge of acegi. Ok, so I checked out those docs, > which led me to: > 3) Acegi docs explicitly state that knowledge of spring is required, so > you must first know (or learn) that. > > That's where I draw the line. If you've read many posts from me, you may > know that while I've been developing in Java for about 6 years I've > specifically avoided using it for web because I've never felt it "had it > together." Yes its capable, but its been overly complex and fragmented. > Yes there are open source options but none of them, including struts and > spring, have been enough to convince me that investing my time in > learning them was worth it. This changed when I started toying with > tapestry and its perspective of development (so this probably includes > wicket, web objects, and prado). > > I'm not bashing tapestry-acegi by any means. In fact I commend, thank, > and cite in code the project as I used the idea of the IfLoggedIn > component. It's both simple and elegant - but it requires knowledge that > I don't have am not convinced is worth my having. > > So... what are any of you other ambitious T5ers using for this? Packaged > tools? Home grown? I'm home growing one at the moment (specific to a > project) and would love to share, but I want to know what anyone else is > doing to solve this classic problem. > > sincerely, > chris > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]