Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 5BAB4200BB0 for ; Sun, 30 Oct 2016 23:19:49 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id 5A1C9160AF1; Sun, 30 Oct 2016 22:19:49 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 79E35160ADD for ; Sun, 30 Oct 2016 23:19:48 +0100 (CET) Received: (qmail 2636 invoked by uid 500); 30 Oct 2016 22:19:47 -0000 Mailing-List: contact commits-help@tapestry.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@tapestry.apache.org Delivered-To: mailing list commits@tapestry.apache.org Received: (qmail 2626 invoked by uid 99); 30 Oct 2016 22:19:47 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd1-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 30 Oct 2016 22:19:47 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org) with ESMTP id 3223EC1D74 for ; Sun, 30 Oct 2016 22:19:47 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -1.199 X-Spam-Level: X-Spam-Status: No, score=-1.199 tagged_above=-999 required=6.31 tests=[KAM_ASCII_DIVIDERS=0.8, KAM_LAZY_DOMAIN_SECURITY=1, RP_MATCHES_RCVD=-2.999] autolearn=disabled Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new, port 10024) with ESMTP id 1SXrxffjgbk3 for ; Sun, 30 Oct 2016 22:19:45 +0000 (UTC) Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTP id EB2505F1EE for ; Sun, 30 Oct 2016 22:19:44 +0000 (UTC) Received: from svn01-us-west.apache.org (svn.apache.org [10.41.0.6]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id 503DFE010F for ; Sun, 30 Oct 2016 22:19:44 +0000 (UTC) Received: from svn01-us-west.apache.org (localhost [127.0.0.1]) by svn01-us-west.apache.org (ASF Mail Server at svn01-us-west.apache.org) with ESMTP id 1ACAB3A0141 for ; Sun, 30 Oct 2016 22:19:44 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1000168 - in /websites/production/tapestry/content: cache/main.pageCache security.html Date: Sun, 30 Oct 2016 22:19:43 -0000 To: commits@tapestry.apache.org From: buildbot@apache.org X-Mailer: svnmailer-1.0.9 Message-Id: <20161030221944.1ACAB3A0141@svn01-us-west.apache.org> archived-at: Sun, 30 Oct 2016 22:19:49 -0000 Author: buildbot Date: Sun Oct 30 22:19:43 2016 New Revision: 1000168 Log: Production update by buildbot for tapestry Modified: websites/production/tapestry/content/cache/main.pageCache websites/production/tapestry/content/security.html Modified: websites/production/tapestry/content/cache/main.pageCache ============================================================================== Binary files - no diff available. Modified: websites/production/tapestry/content/security.html ============================================================================== --- websites/production/tapestry/content/security.html (original) +++ websites/production/tapestry/content/security.html Sun Oct 30 22:19:43 2016 @@ -90,7 +90,7 @@ HTTPS

 

HTTPS-only Pages

Main Article: HTTPS

Tapestry provides several annotations and configuration settings that you can use to ensure that all access to certain pages (or all pages) occurs only via the encrypted HTTPS protocol. See HTTPS for details.

Controlling Page Access

JumpStart Demo:
- Protecting Pages

For simple access control needs, you can contribute a ComponentRequestFilter with your custom logic that decides which pages should be accessed by which users.

For more advanced needs see the Security Framework Integration section below.

White-listed Pages

Pages whose component classes are annotated with @WhitelistAccessOnly will only be disp layed to users (clients) that are on the whitelist. By default the whitelist consists only of clients whose fully-qualified domain name is "localhost" (or the IP address equivalent, 127.0.0.1 or 0:0:0:0:0:0:0:1), but you can customize this by contributing to the ClientWhitelist service in your application's module class (usually AppModule.java):

AppModule.java (partial) – simple inline example
+ Protecting Pages

For simple access control needs, you can contribute a ComponentRequestFilter with your custom logic that decides which pages should be accessed by which users. The Tapestry Hotel Booking app demonstrates this approach with an @AnonymousAccess annotation along with a ComponentRequestFilter named AuthenticationFilter.java. The filter enforces security by intercepting all requests to pages that don't have that annotation, and it redirects those requests to the login page. JumpStart has a similar demo.

For more advanced needs see the Security Framework Integration section below.

White-listed Pages

Pages whose component classes are annotated with @WhitelistAccessOnly will only be displayed to users (clients) that are on the whitelist. By default the whitelist consists only of clients whose fully-qualified domain name is "localhost" (or the IP address equivalent, 127.0.0.1 or 0:0:0:0:0:0:0:1), but you can customize this by contributing to the ClientWhitelist service in your application's module class (usually AppModule.java):

AppModule.java (partial) – simple inline example
    @Contribute(ClientWhitelist.class)
     public static void provideWhitelistAnalyzer(OrderedConfiguration<WhitelistAnalyzer> configuration)
     {