tapestry-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ulrich Stärk <...@spielviel.de>
Subject Re: Using HTTPS to secure tapestry pages
Date Thu, 24 Feb 2011 20:01:20 GMT
What Tapestry version? Just checked with 5.3.0-SNAPSHOT and it works like a charm.

BTW: SECURE_ENABLED is only needed when PRODUCTION_MODE is set to false. In production mode,
secure
is enabled by default.

Uli

On 23.02.2011 19:40, Matias Moran wrote:
> Dear Tapestry users, how have you been?
> 
> I'm writing this time to ask you about using HTTPS with Jetty.
> 
> I followed the advices of the page http://tapestry.apache.org/tapestry5/guide/secure.html
and others, but I wasn't able to make it work for all the pages at once.
> What I'm trying to do is securing all the pages in one place, an avoid to put the @Secure
annotation in every single page.
> 
> I tried putting in AppModule, inside of contributeApplicationDefaults the values: 
> 
> configuration.add(SymbolConstants.PRODUCTION_MODE, "true");
> configuration.add(SymbolConstants.SECURE_ENABLED, "true");
> 
> And then, I added also in AppModule:
> 
> public void contributeMetaDataLocator(MappedConfiguration<String,String> configuration)
{
>     configuration.add(MetaDataConstants.SECURE_PAGE, "true");
> }
> 
> and
> 
> public static void contributeAlias(Configuration<AliasContribution<?>> configuration)
{
>         
>     BaseURLSource source = new BaseURLSource() {
> 
>         public String getBaseURL(boolean secure) {
> 
>             String protocol = secure ? "https" : "http";
> 
>             int port = secure ? 8443 : 8080;
> 
>             return String.format("%s://server:%d", protocol, port);
>         }
>     };
> 
>     configuration.add(AliasContribution.create(BaseURLSource.class, source));
> }
> 
> 
> 
> At last, in the Jetty plugin, I defined the connectors, to force the use of certain ports
for certain protocol:
> 
> <connectors>
>     <connector implementation="org.eclipse.jetty.server.nio.SelectChannelConnector">
>         <port>8080</port>
>         <maxIdleTime>60000</maxIdleTime>
>     </connector>
>     <connector implementation="org.eclipse.jetty.server.ssl.SslSocketConnector">
>         <port>8443</port>
>         <maxIdleTime>60000</maxIdleTime>
>         <keystore>src/test/resources/keystore</keystore>
>         <password>password</password>
>         <keyPassword>password</keyPassword>
>     </connector>
> </connectors>
> 
> 
> But it doesn't work, at least for me. I tried adding the @Secure annotation to every
page (which is exactly what I'm trying to avoid), and it started to work the way I wanted.

> 
> Is there anything I'm forgetting? Does it require any other configurations?
> 
> 
> Thanks in advance!!! Best wishes!
> 
> Matias.
> 
> 
>       

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org


Mime
View raw message