thanks for the help. I removed my Interface and now i get a NullPointerException
* RequiresLoginFilter.dispatchedToLoginPage(RequiresLoginFilter.java:66)
*
services.RequiresLoginFilter.handlePageRender(RequiresLoginFilter.java:57)
*
org.apache.tapestry5.services.InitializeActivePageName.handlePageRender(InitializeActivePageName.java:47)
*
org.apache.tapestry5.internal.services.RootPathDispatcher.dispatch(RootPathDispatcher.java:66)
*
org.apache.tapestry5.services.TapestryModule$RequestHandlerTerminator.service(TapestryModule.java:302)
* .services.PmsModule$1.service(PmsModule.java:115)
*
org.apache.tapestry5.internal.services.RequestErrorFilter.service(RequestErrorFilter.java:26)
*
org.apache.tapestry5.services.TapestryModule$3.service(TapestryModule.java:902)
*
org.apache.tapestry5.services.TapestryModule$2.service(TapestryModule.java:892)
*
org.apache.tapestry5.internal.services.StaticFilesFilter.service(StaticFilesFilter.java:90)
*
org.apache.tapestry5.internal.services.CheckForUpdatesFilter$2.invoke(CheckForUpdatesFilter.java:105)
*
org.apache.tapestry5.internal.services.CheckForUpdatesFilter$2.invoke(CheckForUpdatesFilter.java:95)
*
org.apache.tapestry5.ioc.internal.util.ConcurrentBarrier.withRead(ConcurrentBarrier.java:85)
*
org.apache.tapestry5.internal.services.CheckForUpdatesFilter.service(CheckForUpdatesFilter.java:119)
*
org.apache.tapestry5.services.TapestryModule$HttpServletRequestHandlerTerminator.service(TapestryModule.java:253)
*
org.apache.tapestry5.internal.gzip.GZipFilter.service(GZipFilter.java:53)
*
org.apache.tapestry5.internal.services.IgnoredPathsFilter.service(IgnoredPathsFilter.java:62)
*
org.apache.tapestry5.services.TapestryModule$1.service(TapestryModule.java:852)
* org.apache.tapestry5.TapestryFilter.doFilter(TapestryFilter.java:171)
public class RequiresLoginFilter implements ComponentRequestFilter {
private PageRenderLinkSource renderLinkSource;
private ComponentSource componentSource;
private Response response;
private AuthenticatorImp authService;
public void PageAccessFilter(PageRenderLinkSource renderLinkSource,
ComponentSource componentSource, Response response,
AuthenticatorImp authService) {
this.renderLinkSource = renderLinkSource;
this.componentSource = componentSource;
this.response = response;
this.authService = authService;
}
public void handleComponentEvent(
ComponentEventRequestParameters parameters,
ComponentRequestHandler handler) throws IOException {
if (dispatchedToLoginPage(parameters.getActivePageName())) {
return;
}
handler.handleComponentEvent(parameters);
}
public void handlePageRender(PageRenderRequestParameters parameters,
ComponentRequestHandler handler) throws IOException {
if (dispatchedToLoginPage(parameters.getLogicalPageName())) {
return;
}
handler.handlePageRender(parameters);
}
private boolean dispatchedToLoginPage(String pageName) throws IOException {
if (authService.isLoggedIn()) { // line 66
return false;
}
Component page = componentSource.getPage(pageName);
if (!page.getClass().isAnnotationPresent(RequiresLogin.class)) {
return false;
}
Link link = renderLinkSource.createPageRenderLink("Login");
response.sendRedirect(link);
return true;
}
}
public class RequiresLoginFilter implements ComponentRequestFilter {
private PageRenderLinkSource renderLinkSource;
private ComponentSource componentSource;
private Response response;
private AuthenticatorImp authService;
public void PageAccessFilter(PageRenderLinkSource renderLinkSource,
ComponentSource componentSource, Response response,
AuthenticatorImp authService) {
this.renderLinkSource = renderLinkSource;
this.componentSource = componentSource;
this.response = response;
this.authService = authService;
}
public void handleComponentEvent(
ComponentEventRequestParameters parameters,
ComponentRequestHandler handler) throws IOException {
if (dispatchedToLoginPage(parameters.getActivePageName())) {
return;
}
handler.handleComponentEvent(parameters);
}
public void handlePageRender(PageRenderRequestParameters parameters,
ComponentRequestHandler handler) throws IOException {
if (dispatchedToLoginPage(parameters.getLogicalPageName())) {
return;
}
handler.handlePageRender(parameters);
}
private boolean dispatchedToLoginPage(String pageName) throws IOException { //
line 57
if (authService.isLoggedIn()) {
return false;
}
Component page = componentSource.getPage(pageName);
if (!page.getClass().isAnnotationPresent(RequiresLogin.class)) {
return false;
}
Link link = renderLinkSource.createPageRenderLink("Login");
response.sendRedirect(link);
return true;
}
}
public class AuthenticatorImp implements AuthenticatorInterface{
public static final String AUTH_TOKEN = "authToken";
/**
*
*/
public AuthenticatorImp() {
super();
// TODO Auto-generated constructor stub
}
/**
* @param request
*/
public AuthenticatorImp(Request request) {
super();
this.request = request;
}
@Inject
private Request request;
public Mitarbeiter getLoggedUser() {
Mitarbeiter user = null;
if (isLoggedIn())
user = (Mitarbeiter)
request.getSession(true).getAttribute(AUTH_TOKEN);
else
throw new IllegalStateException("The user is not logged ! ");
return user;
}
public boolean isLoggedIn() {
org.apache.tapestry5.services.Session session = request.getSession(true);
if (session != null) { return session.getAttribute(AUTH_TOKEN) != null;
}
return false;
}
@SuppressWarnings("unchecked")
public void login(String nickName, String password, org.hibernate.Session
session)
throws NoSuchAlgorithmException, UnsupportedEncodingException {
MitarbeiterDaoImpl mitarbeiterDao = new MitarbeiterDaoImpl( Mitarbeiter.class,
session);
Mitarbeiter authUser = mitarbeiterDao.authenticate(nickName,
Encrypt.MD5(password));
try{
request.getSession(true).setAttribute(AUTH_TOKEN, authUser);
}
catch(NullPointerException e){
System.out.println("Beim Einlogen ist ein fehler aufgetreten");
}
}
public void logout() {
org.apache.tapestry5.services.Session session = request.getSession(false);
if (session != null)
{
session.setAttribute(AUTH_TOKEN, null);
session.invalidate();
}
}
}
________________________________
De : Taha Hafeez Siddiqi <tawus.tapes...@gmail.com>
À : Tapestry users <users@tapestry.apache.org>
Envoyé le : Mardi 6 août 2013 14h41
Objet : Re: Securing page with Tapestry
Are you defining your own ComponentRequestFilter interface? As you have
included the code for that I am assuming you have.
You have to implement Tapestry's ComponentRequestFilter, not your own as you
can't contribute to the RequestHandler any other implementation.
regards
Taha
On 06-Aug-2013, at 5:53 PM, Will N. <llcool_wil...@yahoo.fr> wrote:
> Am 06.08.2013 14:13, schrieb Thiago H de Paula Figueiredo:
>> I'm sorry, I should have asked for your ComponentRequestFilter
>> implementation source too. ;)
>>
>> On Tue, 06 Aug 2013 08:31:15 -0300, Will N. <llcool_wil...@yahoo.fr> wrote:
>>
>>> Am 06.08.2013 13:25, schrieb Thiago H de Paula Figueiredo:
>>>> On Tue, 06 Aug 2013 05:10:37 -0300, Will N. <llcool_wil...@yahoo.fr> wrote:
>>>>
>>>>> Hi,
>>>>
>>>> Hi!
>>>>
>>>>> I am trying secure some pages of my application as shown in this
>>>>> tutorial. http://tapestryjava.blogspot.co.uk/search/label/security
>>>>> But I am having following error message when I start the application.
>>>>> Since the RequiresLoginFilte class implements the ComponentRequestFilter
>>>>> interface, I am confused about the coertion error!
>>>>
>>>> The error is weird. Could you post your
>>>> PmsModule.contributeComponentRequestHandler() method
>>> /**
>>> * This module is automatically included as part of the Tapestry IoC
>>>Registry,
>>> * it's a good place to configure and extend Tapestry, or to place your own
>>> * service definitions. spring
>>> */
>>> public class PmsModule {
>>> // public static void bind(ServiceBinder binder) {
>>> // // binder.bind(MyServiceInterface.class, MyServiceImpl.class);
>>> //
>>> // // Make bind() calls on the binder object to define most IoC
>>> services.
>>> // // Use service builder methods (example below) when the
>>> implementation
>>> // // is provided inline, or requires more initialization than simply
>>> // // invoking the constructor.
>>> // binder.bind(ArbeitspaketDao.class, ArbeitspaketDaoImpl.class);
>>> // binder.bind(AufgabeDao.class, AufgabeDaoImpl.class);
>>> // binder.bind(BasicDao.class, BasicDaoImpl.class);
>>> // binder.bind(FunktionDao.class, FunktionDaoImpl.class);
>>> //// binder.bind(GrantedAuthorityBeanDao.class,
>>> //// GrantedAuthorityBeanDaoImpl.class);
>>> // binder.bind(MitarbeiterDao.class, MitarbeiterDaoImpl.class);
>>> // binder.bind(MitarbeiterProjektDao.class,
>>> // MitarbeiterProjektDaoImpl.class);
>>> // binder.bind(ModulDao.class, ModulDaoImpl.class);
>>> // binder.bind(PersonMonatDao.class, PersonMonatDaoImpl.class);
>>> // binder.bind(UserDataDao.class, UserDataDaoImpl.class);
>>> // binder.bind(ProjektDao.class, ProjektDaoImpl.class);
>>> // binder.bind(UnteraufgabeDao.class, UnteraufgabeDaoImpl.class);
>>> // binder.bind(UnterunteraufgabeDao.class,
>>> UnterunteraufgabeDaoImpl.class);
>>> //
>>> // }
>>>
>>> public static void contributeFactoryDefaults(
>>> MappedConfiguration<String, Object> configuration) {
>>> // The application version number is incorprated into URLs for some
>>> // assets. Web browsers will cache assets because of the far future
>>> // expires
>>> // header. If existing assets are changed, the version number should
>>> // also
>>> // change, to force the browser to download new versions. This
>>>overrides
>>> // Tapesty's default
>>> // (a random hexadecimal number), but may be further overriden by
>>> // DevelopmentModule or
>>> // QaModule.
>>> configuration.override(SymbolConstants.APPLICATION_VERSION,
>>> "1.0-SNAPSHOT");
>>> }
>>>
>>> public static void contributeApplicationDefaults(
>>> MappedConfiguration<String, Object> configuration) {
>>> // Contributions to ApplicationDefaults will override any
>>>contributions
>>> // to
>>> // FactoryDefaults (with the same key). Here we're restricting the
>>> // supported
>>> // locales to just "en" (English). As you add localised message
>>>catalogs
>>> // and other assets,
>>> // you can extend this list of locales (it's a comma separated
>>>series of
>>> // locale names;
>>> // the first locale name is the default when there's no reasonable
>>> // match).
>>> // configuration.add(SymbolConstants.SUPPORTED_LOCALES, "en");
>>> configuration.add(SymbolConstants.SUPPORTED_LOCALES, "de");
>>> configuration.add(SymbolConstants.COMPRESS_WHITESPACE, "true");
>>>
>>> }
>>>
>>> /**
>>> * This is a service definition, the service will be named
>>>"TimingFilter".
>>> * The interface, RequestFilter, is used within the RequestHandler
>>>service
>>> * pipeline, which is built from the RequestHandler service
>>>configuration.
>>> * Tapestry IoC is responsible for passing in an appropriate Logger
>>> * instance. Requests for static resources are handled at a higher
>>>level, so
>>> * this filter will only be invoked for Tapestry related requests.
>>> * <p/>
>>> * <p/>
>>> * Service builder methods are useful when the implementation is inline
>>>as
>>> * an inner class (as here) or require some other kind of special
>>> * initialization. In most cases, use the static bind() method instead.
>>> * <p/>
>>> * <p/>
>>> * If this method was named "build", then the service id would be taken
>>>from
>>> * the service interface and would be "RequestFilter". Since Tapestry
>>> * already defines a service named "RequestFilter" we use an explicit
>>> * service id that we can reference inside the contribution method.
>>> */
>>> public RequestFilter buildTimingFilter(final Logger log) {
>>> return new RequestFilter() {
>>> public boolean service(Request request, Response response,
>>> RequestHandler handler) throws IOException {
>>> long startTime = System.currentTimeMillis();
>>>
>>> try {
>>> // The responsibility of a filter is to invoke the
>>> // corresponding method
>>> // in the handler. When you chain multiple filters
>>>together,
>>> // each filter
>>> // received a handler that is a bridge to the next
>>>filter.
>>>
>>> return handler.service(request, response);
>>> } finally {
>>> long elapsed = System.currentTimeMillis() - startTime;
>>>
>>> log.info(String.format("Request time: %d ms", elapsed));
>>> }
>>> }
>>> };
>>> }
>>>
>>> /**
>>> * This is a contribution to the RequestHandler service configuration.
>>>This
>>> * is how we extend Tapestry using the timing filter. A common use for
>>>this
>>> * kind of filter is transaction management or security. The @Local
>>> * annotation selects the desired service by type, but only from the
>>>same
>>> * module. Without @Local, there would be an error due to the other
>>> * service(s) that implement RequestFilter (defined in other modules).
>>> */
>>> public void
>>>contributeRequestHandler(OrderedConfiguration<RequestFilter> configuration,
>>>@Local RequestFilter filter) {
>>> // Each contribution to an ordered configuration has a name, When
>>> // necessary, you may
>>> // set constraints to precisely control the invocation order of the
>>> // contributed filter
>>> // within the pipeline.
>>>
>>> configuration.add("Timing", filter);
>>> }
>>>
>>>
>>> @SuppressWarnings("unchecked")
>>> public static void
>>>contributeComponentRequestHandler(OrderedConfiguration configuration) {
>>> configuration.addInstance("RequiresLogin",
>>>RequiresLoginFilter.class);
>>>
>>> }
>>>
>>>
>>>
>>>
>>>
>>>
>>> }
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
>>> For additional commands, e-mail: users-h...@tapestry.apache.org
>>>
>>
>>
>
>
>
> import java.io.IOException;
>
> import org.apache.tapestry5.services.ComponentEventRequestParameters;
> import org.apache.tapestry5.services.ComponentRequestHandler;
> import org.apache.tapestry5.services.PageRenderRequestParameters;
>
>
> /**
> * Filter interface for {@link
> org.apache.tapestry5.services.ComponentRequestHandler}.
> */
> /**
> * Our implementation of this filter will check the page referenced in the
> request to see if it has the annotation.
> * If the annotation is present and the user has not yet logged in, we'll
> redirect to the Login page.
> * When a redirect is not necessary, we delegate to the next handler in the
> pipeline2:
> */
> public interface ComponentRequestFilter
> {
> /**
> * Handler for a component action request which will trigger an event on a
>component and use the return value to
> * send a response to the client (typically, a redirect to a page render
>URL).
> *
> * @param parameters defining the request
> * @param handler next handler in the pipeline
> */
> void handleComponentEvent(ComponentEventRequestParameters parameters,
>ComponentRequestHandler handler)
> throws IOException;
>
> /**
> * Invoked to activate and render a page. In certain cases, based on
>values returned when activating the page, a
> * {@link org.apache.tapestry5.services.ComponentEventResultProcessor} may
>be used to send an alternate response
> * (typically, a redirect).
> *
> * @param parameters defines the page name and activation context
> * @param handler next handler in the pipeline
> */
> void handlePageRender(PageRenderRequestParameters parameters,
>ComponentRequestHandler handler) throws IOException;
> }
>
>
>
>
>
>
> import java.io.IOException;
>
> import org.apache.tapestry5.Link;
> import org.apache.tapestry5.runtime.Component;
> import org.apache.tapestry5.services.ComponentEventRequestParameters;
> import org.apache.tapestry5.services.ComponentRequestHandler;
> import org.apache.tapestry5.services.ComponentSource;
> import org.apache.tapestry5.services.PageRenderLinkSource;
> import org.apache.tapestry5.services.PageRenderRequestParameters;
> import org.apache.tapestry5.services.Response;
>
>
> import com.example.pms.annotations.*;
>
>
> public class RequiresLoginFilter implements ComponentRequestFilter {
>
> private PageRenderLinkSource renderLinkSource;
>
> private ComponentSource componentSource;
>
> private Response response;
>
> // private final AuthenticationService authService;
> private AuthenticatorImp authService;
>
>
> public void PageAccessFilter(PageRenderLinkSource renderLinkSource,
>ComponentSource componentSource,
> Response response, AuthenticatorImp
>authService) {
>
> this.renderLinkSource = renderLinkSource;
> this.componentSource = componentSource;
> this.response = response;
> this.authService = authService;
>
> }
>
> public void handleComponentEvent(
> ComponentEventRequestParameters parameters,
> ComponentRequestHandler handler) throws IOException {
>
> if (dispatchedToLoginPage(parameters.getActivePageName())) {
> return;
> }
>
> handler.handleComponentEvent(parameters);
>
> }
>
> public void handlePageRender(PageRenderRequestParameters parameters,
> ComponentRequestHandler handler) throws IOException {
>
> if (dispatchedToLoginPage(parameters.getLogicalPageName())) {
> return;
> }
>
> handler.handlePageRender(parameters);
> }
>
> private boolean dispatchedToLoginPage(String pageName) throws IOException {
>
> if (authService.isLoggedIn()) {
> return false;
> }
>
> Component page = componentSource.getPage(pageName);
>
> if (! page.getClass().isAnnotationPresent(RequiresLogin.class)) {
> return false;
> }
>
> Link link = renderLinkSource.createPageRenderLink("Index");
>
> response.sendRedirect(link);
>
> return true;
> }
> }
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
> For additional commands, e-mail: users-h...@tapestry.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
