Hi,
On 16-10-2010 15:50, Andrey Gladilin wrote:
Hi guys,
Is there a way to make authentication in Tapestry using store procedure.
Yes, Tapestry does not care much about how you implement your security.
I have several stored procedures in Postgres, like
login(session_id, username, password, locale)
logout(session_id)
get_roles(session_id)
I was trying to use Spring Security, but did not find a way to use
stored procedures with it.
Spring security is highly customizable and does support what you ask,
read the docs and take a look at the jdbc-dao-something sources and
figure out what needs to be overridden/implemented to meet your
requirements.
Spring security may be overly complex for what you need, but you can't
blame tapestry for that.
Could you put me on a proper way?
Thanks.
P.S. Please don't ask me to throw away stored procedures, I can not do it.
If you need something really simple, just roll your own auth code and
save some kind of auth-token in your session (@SessionState)
and act on that token some place where it makes sense (in each page,
possibly by sharing it through a base page or maybe in a dispatcher)
Personally I'd probably use some kind of filter based security solution
to keep as much of the security code as possible away from the
application code. (I have used Spring security extensively in several
applications and it is definitely a good candidate, apache shiro does
look very tempting, but I haven't had the time to play with that one yet.)
Sorry for being a little vague on the tapestry side of the things, but I
guess others are much better qualified to help you there.
--
Chris
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
