tapestry-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kalle Korhonen <kalle.o.korho...@gmail.com>
Subject Re: Integrating tynamo tapestry-security (apache shiro)
Date Fri, 04 Mar 2011 17:23:02 GMT
On Fri, Mar 4, 2011 at 1:49 AM, Magnus Kvalheim <magnus@kvalheim.dk> wrote:
> This post is mostly related to tapestry-security, but I hope it's ok to post
> here in tapestry mailing list (now that Kalle is a committer and all.. :) )
> So I finally decided to implement tapestry-security. Had a few bumps in the
> road, as I will come back to, but all in all I must say it's been a
> pleasure.

Thanks for the extensive usage report Magnus! I've used
tapestry-security in so many projects now that I now it works well but
that said, I do want it to cover *all* security use cases.

> 1. Make tapestry-security localization aware
> When specifying urls for AccessControlFilters, either in shiro.ini or while
> setting applicationDefaults tapestry-security does not seem to honor
> localization.
> So if I'm in accessing though /en paths - then I'm redirected to a /  and
> loose the localization info.
> I have not been able to solve this yet.

Please open a (Tynamo) issue for it and I get to it.

> 2. shiro.ini or module configuration - I'm confused
> The tapestry-security documentation say you can configure shiro in either
> shiro.ini or in module.
> I might be wrong here, but it seems that from module you can only configure
> redirect urls, and FilterChainDefinitions
> through contributeSecurityRequestFilter.

You are right, currently shiro.ini is needed for configuring that. I
had made a separate jsecurity integration myself and the functionality
is available in tapestry-security 0.1.0, but that part is yet to
merged into current tapestry-security codebase (which is the result of
work from multiple contributors). I think I had even an issue opened
for it.. yes this is related:
http://jira.codehaus.org/browse/TYNAMO-76 (there's more, but I spare
you from the details).

> 3. Problems doing logout from tapestry
> (I've just found a different post regarding this with subject: "Error after
> logout")
> I found that when shiro is doing logout it invalidates the session in the
> end.

You can log out alright, but you just get the ugly stack traces if
Tapestry doesn't know about it before hand. Howard by the way fixed
that already in T5.3. What you ended up doing is exactly how I've done
it in numerous samples we have for tapestry-security. As always, the
documentation could be improved...


To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org

View raw message