That's the way I've written the access control on our system.
-----Original Message----- From: Christian Senk [mailto:senk.christ...@googlemail.com] Sent: 03 June 2009 20:24 To: Tapestry users Subject: Re: Authentification in Tapestry We are using a custom dispatcher called "AccessControlDispatcher". It is like the AccessDispatcher described in the howto-wiki, but in addition it checks for certain roles. This works through a SessionState object that implements an interface used by the dispatcher to determine if the SessionState object has the required role(s) or not. All you have to do is to annotate the desired page with "@Secured(Role.ADMIN)" for example. the dispatcher checks if the current user has the required role for this page, if not the dispatcher calls an AccessDeniedCallback, where you can redirect to the login page or something like that. The Callback and the Class of the SessionState object that implements the interface needed by the dispatcher are contributable over a mapped configuration. It is very simple and i think there is a lot potential to improve this, but until now it works for us. Maybe this idea helps you ^.^ Thibaut Gadiolet schrieb: > OK, I stop using a full T5 solution to handle authentication/authorization. > I am using ACEGI with a basic configuration, you can easily integrate it to > your T5 projects, It's not as heavy as I thought, and it turned out to be > very efficient. > > But if someone gets a better solution full T5, I'm open. > > Thanks, > > Thibaut > > On Fri, May 22, 2009 at 4:10 AM, Sergey Didenko <sergey.dide...@gmail.com>wrote: > > >> Thanks for tips, Thiago! >> >> >>> This has been discussed in this list before. Check the archives >>> (http://www.nabble.com/Tapestry---User-f340.html) for some ideas. >>> Usually they are centered around a RequestFilter or a >>> ComponentClassTransformer. >>> >>> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org >> For additional commands, e-mail: users-h...@tapestry.apache.org >> >> >> > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org ************************************************************************** Experience the British Library online at www.bl.uk The British Library's new interactive Annual Report and Accounts 2007/08 : www.bl.uk/knowledge Help the British Library conserve the world's knowledge. Adopt a Book. www.bl.uk/adoptabook The Library's St Pancras site is WiFi - enabled ************************************************************************* The information contained in this e-mail is confidential and may be legally privileged. It is intended for the addressee(s) only. If you are not the intended recipient, please delete this e-mail and notify the postmas...@bl.uk : The contents of this e-mail must not be disclosed or copied without the sender's consent. The statements and opinions expressed in this message are those of the author and do not necessarily reflect those of the British Library. The British Library does not take any responsibility for the views of the author. ************************************************************************* --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
