|
|
1) Why not have a custom StaleSession.html page?
Its pageBeginRender could redirect to the login form, couldn't it?
2) Remove the servlet mapping
3) For cookies, see org.apache.tapestry.services.CookieSource and inject it
using service:tapestry.request.CookieSource
For redirects, see 5)
4) ...
5) Review http://jakarta.apache.org/tapestry/UsersGuide/listenermethods.html :)
.. and return an ILink instance from your listener
>From Matt Raible <mraible@xxxxxxxxx>:
> I spent the last couple of days upgrading AppFuse from Tapestry 3.0.3
> to Tapestry 4.0.1. I ran into quite a few issues, many of which were
> solved by this mailing list. Thanks for being so responsive and
> helping me out - the Tapestry mailing list is definitely one of the
> best I've ever worked with.
>
> I do have a few issues that I couldn't solve and I'm hoping you can help:
>
> 1. When a user's session expires, a page is displayed to the user. I'm
> using Acegi Security and I'd prefer the behavior that I get from other
> web frameworks - which basically prompt the user to login again. What
> I've done to workaround this issue is to use URL Rewrite Filter to
> redirect restart.svc to / - which will prompt users to login again.
>
> 2. I've noticed that users can access the mainMenu (home) of my app by
> using /app. Does there need to be a servlet mapping for /app? I've
> tried using Acegi and URL Rewrite Filter to protect /app, but nothing
> seems to work. Of course, it was 3 a.m. when I was trying to do this.
> ;-)
>
> 3. I found I needed to inject HttpServletRequest and
> HttpServletResponse when I wanted to grab cookies and send redirects.
> Is there a better way to do this? WebRequest and WebResponse don't
> seem to support cookies or redirects (for example:
> getResponse().sendRedirect(getRequest().getContextPath());).
>
> 4. Friendly URLs: I like how I don't have to hack the code to get
> Friendly URLs. However, I found that having to map *.html, *.sdirect,
> *.direct and *.svc to be somewhat of a pain - especially when
> integrating with Acegi. Since Acegi is URL-based, if I want to really
> lock down security, I have to have duplicate definitions for many of
> the different extensions (correct me if I'm wrong). Also, when it
> comes to filters, it can be quite cumbersome to register 5 mappings
> per filter. I have 7 filters and I don't want to need 35 mappings.
> Of course, I don't need to map them all for all the extensions, but
> Tapestry's Friendly URL support is much less friendly than the other
> frameworks that use only one extension.
>
> 5. Is it possible to redirect back to the same page? Basically, I
> want to use Tapestry-Flash, call setMessage() on the page I'm working
> in, and then somehow redirect to it so the redirect-after-post pattern
> is in place.
>
> Thanks for all your help thus far,
>
> Matt
> http://appfuse.dev.java.net
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tapestry-user-unsubscribe@xxxxxxxxxxxxxxxxxx
> For additional commands, e-mail: tapestry-user-help@xxxxxxxxxxxxxxxxxx
>
>
>
--
---------------------------------------------------------------------
To unsubscribe, e-mail: tapestry-user-unsubscribe@xxxxxxxxxxxxxxxxxx
For additional commands, e-mail: tapestry-user-help@xxxxxxxxxxxxxxxxxx
|
|