#38 Integrat with DWR

v1.00 beta3
closed-fixed
5
2006-12-01
2006-11-30
No

Well, first the version is v1.00 beta3.

i got the lastest version in cvs and build with maven, then i do the deploy of the jguard-struts-example-1.0.0-SNAPSHOT.war generate by maven in tomcat.

And when first i access directly http://localhost:8080/jguard-struts-example-1.0.0-SNAPSHOT/dwr/test/Demo
all methods stay avaliable.

Remember, dont access any page of the app before. Only start the server and access directly the dwr debug page. Later access the index http://localhost:8080/jguard-struts-example-1.0.0-SNAPSHOT/ and refresh the DWR debug page to see the diference.

Discussion

  • Charles Lescot

    Charles Lescot - 2006-11-30
    • milestone: 602674 --> 602673
    • assigned_to: nobody --> diabolo512
     
  • Charles Lescot

    Charles Lescot - 2006-11-30
    • milestone: 602673 --> v1.00 beta3
     
  • Charles Lescot

    Charles Lescot - 2006-11-30

    Logged In: YES
    user_id=824172
    Originator: NO

    Hi,
    i've committed a fix for this bug.
    this fix refuse access to objects when user is not yet authenticated.
    but one better feature would be to redirect the user to the login screen (i read in your mind, isn't it? ;-) ).

    this is actually not yet available, because we are plugged into the DWR servlet which can only do this kind of stuff.
    but, i think (quickly, so i need to examine the potentials drawbacks)if i divide accessFilter into AuthenticationFilter and AuthorizationFilter, it can fullfills the need:
    you will have to configure AuthenticationFilter for all Request (i.e for struts and DWR), and authorizationFilter only for struts, and plug the AccessControl into the DWR to do the authorization stuff.

    what is your feedback?
    can you firstly confirm that it solve the bug?

    cheers,

    Charles.

     
  • Charles Lescot

    Charles Lescot - 2006-11-30
    • status: open --> open-fixed
     
  • Charles Lescot

    Charles Lescot - 2006-12-01
    • status: open-fixed --> closed-fixed
     

Log in to post a comment.