smartweb-devel Mailing List for SmartWeb (Page 5)
Brought to you by:
rlogiacco
Menu
▾
▴
smartweb-devel — Dedicated to framework developers
You can subscribe to this list here.
| 2006 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(1) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2007 |
Jan
(3) |
Feb
(2) |
Mar
(1) |
Apr
(3) |
May
(4) |
Jun
(3) |
Jul
(6) |
Aug
(1) |
Sep
(5) |
Oct
(7) |
Nov
(52) |
Dec
(3) |
| 2008 |
Jan
(18) |
Feb
(1) |
Mar
(4) |
Apr
(30) |
May
(19) |
Jun
(5) |
Jul
(1) |
Aug
|
Sep
|
Oct
(1) |
Nov
|
Dec
|
| 2009 |
Jan
|
Feb
(1) |
Mar
(10) |
Apr
|
May
(2) |
Jun
(3) |
Jul
|
Aug
(2) |
Sep
(5) |
Oct
(4) |
Nov
|
Dec
|
|
From: Roberto Lo G. <rlo...@us...> - 2008-01-22 12:06:23
|
Actually the <auth:valid> tag supports the definition of a comma-separated roles list in the "role" attribute. This means you can ALREADY write something like <auth:valid role="role1,role2,role3"> About the "grouping" feature I wish to highlight something: a group is a collection of users and cannot contain roles... those are two distinct business elements which we want to maintain as separated as possible. It's an important distinction I wish to underline for convenience wherever is possible, nothing personal. Pino Contartese wrote: > > Hi, > first of all , I completly agree with your request . We need to associate > a user 'function' to a role in a configuration file (xml format for best). > It was great your first solution proposed . > I propose an alternative scenario : > always in a gui it was wonder to write : > <auth valid : roles="myRoles1,myRoles2,.." > as a function to permitt > different cuncurrency roles . > or another solution <auth valid : groupId="devel" > were devel is a group > of distincts roles associate to a user . > Waiting for reply.. > > > Gaetano Perrone wrote: >> >> Actually if we would visualize a button for the users in a "myRole" role >> on the application gui we must add a tag <auth:valid role="myRole" >> > . This means that the business rules about user permission lie >> around the jsp source code, So if i would change the role permission >> strategy i must, in the worst case look around all the jsp page. >> I think we could have the same approch used for the domain methods >> authentication (AOP) for determining if a button, a textfield, a label >> must be visualized. >> I have detected 2 approchs: >> >> 1. Add to the project an <auth:valid funtion="myFunction" > . >> This approch has the loss of needing the coding in all the authorized >> code blocks. >> >> 2. Override struts html tags <html:button id="myFunction" ... >> <html:text id="myFunction" etc... >> >> waiting for your feedback >> > > -- View this message in context: http://www.nabble.com/-smartweb-auth--How-to-customize-application-gui-by-user%27s-role-tp14876789s17546p15017501.html Sent from the SmartWeb Developers mailing list archive at Nabble.com. |
|
From: Roberto Lo G. <rlo...@us...> - 2008-01-22 12:01:56
|
I've a proposal which delivers your request to it's maximum flexibility:
point-cut the Tag interface to allow constraints on a tag level basis.
In brief what I suggest is to use AOP to intercept calls to any JSP tag and
verify if a constraint exists on that tag: if the constraint is not verified
that tag is not executed at all and all it's contents are skipped.
Here follows an example JSP fragment from the registry module:
<html:form action="/registry/entry-save">
<html:hidden property="id"/><html:hidden property="version"/>
<bean:message key="entry.header.edit" bundle="registry"/>
<bean:message key="entry.display" bundle="registry"/><html:text
property="display" size="30"/>
<html:button titleKey="operation.remove.title" property="remove"
disabled="true"><bean:message key="operation.remove"/></html:button>
<html:cancel titleKey="operation.cancel.title"><bean:message
key="operation.cancel"/></html:cancel>
<html:submit titleKey="operation.complete.title"><bean:message
key="operation.complete"/></html:submit>
</html:form>
Using AOP we can control the GUI field by field, tag by tag on a per role
basis, like in the following security.xml example:
<security xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="security.xsd">
.
.
.
<roles>
<role id="user">
<description>Registered visitor</description>
<privilege resource="entry-edit.jsp" element="*" modifier="rwx"/>
<privilege resource="entry-edit.jsp" element="remove" modifier="r"/>
</role>
</roles>
</security>
The meaningful parts are the last two privileges of the "user" role:
- the first privilege allows the user to view, edit and execute every
element on the JSP
- the last privilege allows the user to only view the element marked
"remove" on the JSP
If you look back at the JSP the "remove" element in the JSP is a button and
the read-only permission says something like "show the button but make it
not executable" so the button should be displayed but in a disabled status.
The argument to this approach can be:
- it may be too flexible
- it may be hard to understand
- it may be difficult to implement
We are already investigating the last point but we appreciate your opinions
on the first two.
Gaetano Perrone wrote:
>
> I think u don't understand the solution i propose.
> The xml configuration file that associates user's role to function yet
> exists and was introduced with AOP domain methods authentication.
> The solution u propose ( <auth:valid role="role1" ) also exists yet but
> what i would avoid to specify the role in the jsp page parametrizing it by
> function name and configured (xml & AOP) role-function association. The
> advantage as i said in the previous post is that changing the role's
> function associate impacts only at configuration time and we must'nt need
> rediting N jsp pages source code
> :-)
>
--
View this message in context: http://www.nabble.com/-smartweb-auth--How-to-customize-application-gui-by-user%27s-role-tp14876789s17546p15017447.html
Sent from the SmartWeb Developers mailing list archive at Nabble.com.
|
|
From: Gaetano P. <gpe...@sm...> - 2008-01-16 22:17:59
|
I think u don't understand the solution i propose. The xml configuration file that associates user's role to function yet exists and was introduced with AOP domain methods authentication. The solution u propose ( <auth:valid role="role1" ) also exists yet but what i would avoid to specify the role in the jsp page parametrizing it by function name and configured (xml & AOP) role-function association. The advantage as i said in the previous post is that changing the role's function associate impacts only at configuration time and we must'nt need rediting N jsp pages source code :-) Pino Contartese wrote: > > Hi, > first of all , I completly agree with your request . We need to associate > a user 'function' to a role in a configuration file (xml format for best). > It was great your first solution proposed . > I propose an alternative scenario : > always in a gui it was wonder to write : > <auth valid : roles="myRoles1,myRoles2,.." > as a function to permitt > different cuncurrency roles . > or another solution <auth valid : groupId="devel" > were devel is a group > of distincts roles associate to a user . > Waiting for reply.. > > > Gaetano Perrone wrote: >> >> Actually if we would visualize a button for the users in a "myRole" role >> on the application gui we must add a tag <auth:valid role="myRole" >> > . This means that the business rules about user permission lie >> around the jsp source code, So if i would change the role permission >> strategy i must, in the worst case look around all the jsp page. >> I think we could have the same approch used for the domain methods >> authentication (AOP) for determining if a button, a textfield, a label >> must be visualized. >> I have detected 2 approchs: >> >> 1. Add to the project an <auth:valid funtion="myFunction" > . >> This approch has the loss of needing the coding in all the authorized >> code blocks. >> >> 2. Override struts html tags <html:button id="myFunction" ... >> <html:text id="myFunction" etc... >> >> waiting for your feedback >> > > -- View this message in context: http://www.nabble.com/-smartweb-auth--How-to-customize-application-gui-by-user%27s-role-tp14876789s17546p14896449.html Sent from the SmartWeb Developers mailing list archive at Nabble.com. |
|
From: Pino C. <gco...@gm...> - 2008-01-16 10:52:42
|
Hi, first of all , I completly agree with your request . We need to associate a user 'function' to a role in a configuration file (xml format for best). It was great your first solution proposed . I propose an alternative scenario : always in a gui it was wonder to write : <auth valid : roles="myRoles1,myRoles2,.." > as a function to permitt different cuncurrency roles . or another solution <auth valid : groupId="devel" > were devel is a group of distincts roles associate to a user . Waiting for reply.. Gaetano Perrone wrote: > > Actually if we would visualize a button for the users in a "myRole" role > on the application gui we must add a tag <auth:valid role="myRole" > > . This means that the business rules about user permission lie around > the jsp source code, So if i would change the role permission strategy i > must, in the worst case look around all the jsp page. > I think we could have the same approch used for the domain methods > authentication (AOP) for determining if a button, a textfield, a label > must be visualized. > I have detected 2 approchs: > > 1. Add to the project an <auth:valid funtion="myFunction" > . This > approch has the loss of needing the coding in all the authorized code > blocks. > > 2. Override struts html tags <html:button id="myFunction" ... > <html:text id="myFunction" etc... > > waiting for your feedback > -- View this message in context: http://www.nabble.com/-smartweb-auth--How-to-customize-application-gui-by-user%27s-role-tp14876789s17546p14877928.html Sent from the SmartWeb Developers mailing list archive at Nabble.com. |
|
From: Gaetano P. <gpe...@sm...> - 2008-01-16 10:02:50
|
Actually if we would visualize a button for the users in a "myRole" role on the application gui we must add a tag <auth:valid role="myRole" > . This means that the business rules about user permission lie around the jsp source code, So if i would change the role permission strategy i must, in the worst case look around all the jsp page. I think we could have the same approch used for the domain methods authentication (AOP) for determining if a button, a textfield, a label must be visualized. I have detected 2 approchs: 1. Add to the project an <auth:valid funtion="myFunction" > . This approch has the loss of needing the coding in all the authorized code blocks. 2. Override struts html tags <html:button id="myFunction" ... <html:text id="myFunction" etc... waiting for your feedback -- View this message in context: http://www.nabble.com/-smartweb-auth--How-to-customize-application-gui-by-user%27s-role-tp14876789s17546p14876789.html Sent from the SmartWeb Developers mailing list archive at Nabble.com. |
|
From: Gaetano P. <gpe...@sm...> - 2007-12-14 14:16:44
|
Truly I haven't yet got the time to think about how to implement but only to what to implement. Otherwise I think 2 approches are possibile: 1. Standard component to customize (by configuration: xml / properties) 2. Standard component that supports standard features: we could introduce a tag library for doing it receiving the entity (the mapped class or a property we can resolve with the mapped class at configuration time) the criteria to filter. Mapped classes that are "searchable" could implement a Searchable interface. The previous sentence are just ideas at this time, but suggestion are appreciated. Roberto Lo Giacco wrote: > > I like the idea, but I've few questions for you: > > - do you intend a component that doesn't need to be customized on a per > entity basis? > - in case the previous answer is yes, how do you intend to choose fields > that should be considered searchable? > > > Gaetano Perrone wrote: >> >> I'm thinking about introducing a standard web entity search component. >> Think about a form mask with customer field to valorize with the customer >> id. Actually we do this opening a popup and managing manually all the >> interaction between the opener and the opened window. >> In my opinion a standard generalized ajax complient component ( :-) ) >> could >> resolve this common web developing problem. >> Waiting for opinions... >> > > -- View this message in context: http://www.nabble.com/Introducing-a-Web-Entity-Search-Component-tp14209483s17546p14336619.html Sent from the SmartWeb Developers mailing list archive at Nabble.com. |
|
From: Roberto Lo G. <rlo...@us...> - 2007-12-14 13:41:01
|
I like the idea, but I've few questions for you: - do you intend a component that doesn't need to be customized on a per entity basis? - in case the previous answer is yes, how do you intend to choose fields that should be considered searchable? Gaetano Perrone wrote: > > I'm thinking about introducing a standard web entity search component. > Think about a form mask with customer field to valorize with the customer > id. Actually we do this opening a popup and managing manually all the > interaction between the opener and the opened window. > In my opinion a standard generalized ajax complient component ( :-) ) > could > resolve this common web developing problem. > Waiting for opinions... > -- View this message in context: http://www.nabble.com/Introducing-a-Web-Entity-Search-Component-tp14209483s17546p14335866.html Sent from the SmartWeb Developers mailing list archive at Nabble.com. |
|
From: Gaetano P. <gpe...@sm...> - 2007-12-07 09:27:11
|
I'm thinking about introducing a standard web entity search component. Think about a form mask with customer field to valorize with the customer id. Actually we do this opening a popup and managing manually all the interaction between the opener and the opened window. In my opinion a standard generalized ajax complient component ( :-) ) could resolve this common web developing problem. Waiting for opinions... -- View this message in context: http://www.nabble.com/Introducing-a-Web-Entity-Search-Component-tf4961136s17546.html#a14209483 Sent from the SmartWeb Developers mailing list archive at Nabble.com. |
|
From: Roberto Lo G. <rlo...@sm...> - 2007-11-17 19:54:11
|
Hi all,
today Stefano opened an issue, correctly in my opinion, regarding the
configuration files retrieve algorithm.
Since we started to use the Maven suggested notation for jar files
(smartweb-auth-1.0.0.jar for example) the file retrieve algorithm has
exposed his flaws.
Assume you want to have some classes persisted on a PostgreSQL server
and some else persisted on MySQL: to accomplish this objective you
should have those classes jarred into two different archives.
Speaking in terms of modules we want the smartweb-registry classes on
PostgreSQL and the smartweb-auth classes on MySQL. Into your EAR or
WAR you should have 2 different .hcf files: one can be named
smartweb.jar.hcf (not the best choice, but possible) and the other
should be named smartweb-auth-<version>.jar.hcf!!! In practice you
have your configuration file stuck to the FULL filename of the JAR.
The same issue regards Domain wide configuration files added in the
1.2 release of the core: the smartweb-auth configuration file (the
place where you configure what you want to protect and how it should
be protected) should be named, for the next release,
smartweb-auth-0.8.0.jar.xml !!!!
The problem here is when you want to upgrade the library...you must
rename the files! In my opinion this can be a small advantage in terms
of attention during upgrade process, but it introduces a lot of work
and confusion too with errors arising even on a simple bugfixing
patch.
We thought about the possibility to strip out the version part from
the name during searches with the following statement:
name = name.substring(0, name.lastIndexOf('-')) +
name.substring(name.lastIndexOf('.'));
But this approach doesn't work with filenames like
smartweb-auth-1.0.0-beta.jar or smartweb-auth-1.0.0-SNAPSHOT.jar which
are standard for Maven. We could fix the striping algorithm trying to
check if the hyphen is followed by a digit (may be using a regexp
pattern) but we found another filename which can break the algorithm:
smartweb-auth-1.0.0-beta-4.jar !
I'm opening the discussion to the forum contributions as we are
actually stuck into a definitive solution or a shared compromise.
Roberto
|
|
From: Roberto Lo G. <rlo...@us...> - 2007-11-16 00:13:27
|
The registration handler interface is completely wrong and was reverted to a very primitive state! Many mistakes could be found on that interface: 1 - the onRegister method, while correct from a naming perspective, is not the only method needed to perform registration! The verify() method is a must and the update() method was deleted instead to be renamed onUpdate(). 2 - the prologue comment stating hte class is open source is missing! 3 - the existing javadoc comments where wiped out!!! 4 - the definition of the states String array in the interface is probably a nonsense as it's implicitly STATIC and FINAL!!!! I suggest a complete rollback and a rethink about what have been done. More mistakes can be found on the EmailVerifierRegistrationHandler implementation like the usage of the RuntimeException subclass IllegalStateException which is used in threading contextes!!! I'll attach the original interface (RegistrationHandler.java) and what I suggest (RegistrationHandler.new) for further discussion. |
|
From: Roberto Lo G. <rlo...@sm...> - 2007-11-15 23:21:01
|
This notice is directed for all committers, both on core framework and additional modules. I noticed we didn't get used to update the changes.xml file upon bug fixing so I'm here asking you to pay attention to the committing procedure. Whenever you close a bug committing a patch (it's not really important if YOU were the patch developer or someone else) you should take one more minute BEFORE committing the path into the main trunk and update the doc/site/changes.xml file adding the fixed bug at the BEGINNING of the file. The rule is simple: - fixed bugs should be released with the next patching release - added features should be released with the next minor release Please take a minute and save me hours to double check the file before releasing! Thank you. |
|
From: Roberto Lo G. <rlo...@sm...> - 2007-11-15 23:06:54
|
I suddenly found the AuthenticationHandler interface refactored to an event based naming style: onLogin onLogout I agree with the naming schema but I suggest to apply it on the AuthorizationHandler interface too and move the check() method to: onExecute or onRequest Any counter indication or suggestion? |
|
From: Roberto Lo G. <rlo...@sm...> - 2007-11-14 19:56:41
|
2007/11/14, Gaetano Perrone <gpe...@sm...>: > > I disagree to your sentence > > "the following is the easyest thing boolean loggedin = !User.isGuest();" > > becuase it presumes u uses the auth module to know that this static method > works with the current method executing user. > If anyone retrieves a User object instance why he must ask to a static > method if this User instance is Guest and not simply to the object ifself. > And thermore why i must ask statically something that changes dinamically??? > I'm so confused...as new deveoper approching smartweb framework... > > User user= ....retrieve a User instance... > boolean logged = user.isGuest(); I think you are having the same problem many people has with ThreadLocal concepts. In brief: you are "statically" accessing something stored into the current thread, which is usually thought as "dynamc" but we are talking about two different things as objects are stored into the heap and you are accessing something stored into the stack. So "static" and "dynamic" are non-sense while mixing up two different scopes. Anyway I understand your worries and I had the same problems in the first place, but here we are simply copying the same approach used inside the core Java libraries to make everything easier to understand. I suggest to write down documentation instead to refactor as the problem seems to be on understatement and not on interface fringment or rigidity. |
|
From: Gaetano P. <gpe...@sm...> - 2007-11-14 14:02:30
|
I disagree to your sentence "the following is the easyest thing boolean loggedin = !User.isGuest();" becuase it presumes u uses the auth module to know that this static method works with the current method executing user. If anyone retrieves a User object instance why he must ask to a static method if this User instance is Guest and not simply to the object ifself. And thermore why i must ask statically something that changes dinamically??? I'm so confused...as new deveoper approching smartweb framework... User user= ....retrieve a User instance... boolean logged = user.isGuest(); Roberto Lo Giacco-4 wrote: > > 2007/11/14, Gaetano Perrone <gpe...@sm...>: >> I'm doubtful about the static isGuest() method in User class: >> In my opinion a more elegant solution is a not static method declaration: >> >> User user = User.get(); >> boolean loggedin =!user.isGuest(); >> I'm waiting for your opinion... > > I think an additional non-static method could be added but I don't see > the need for it: if you want to know if a user is a guest you could > simply > > boolean loggedin = (User.get() != User.GUEST); > > but in my honest opinion the following is the easyest thing > > boolean loggedin = !User.isGuest(); > > as this form shortens the statement a lot and is a bit less error prone > > ------------------------------------------------------------------------- > This SF.net email is sponsored by: Splunk Inc. > Still grepping through log files to find problems? Stop. > Now Search log events and configuration files using AJAX and a browser. > Download your FREE copy of Splunk now >> http://get.splunk.com/ > _______________________________________________ > smartweb-devel mailing list > sma...@li... > https://lists.sourceforge.net/lists/listinfo/smartweb-devel > > -- View this message in context: http://www.nabble.com/Static-sign-on-auth-module-less-understandable-tf4774615s17546.html#a13746936 Sent from the SmartWeb Developers mailing list archive at Nabble.com. |
|
From: Pino C. <gco...@gm...> - 2007-11-14 14:02:18
|
Ok ..now I really understand your worries about it and accept the current
signature ..
Thanks for your explanation ..See soon
Roberto Lo Giacco-4 wrote:
>
> Hi Pino,
> the simple get() method mimics the ThreadLocal.get() method which is
> used inside the method you are proposing to rename.
>
> So a get() method exists in the standard Java libraries and we named
> it in the same way to reflect the kind of User instance we are
> returning: the current user for the current thread.
>
> I'm worried about the possibility a getCurrent() method can confuse
> about which kind of "current" we refer: it may refer to the global
> user (not existing at all) or the current system user (not obtainable
> through the module) or anything else you can imagine. A fully
> explainable signature (not sign!) would be getCurrentThreadUser() but
> it can be hard to find out for lazy people.
>
> About the kind of data the simple get() method is about it should be
> easily understandable by giving an eye to the return type....
>
> I'm still open to discussion, but for now a refactorying is not as
> needed as you depict in my opinion.
>
> 2007/11/14, Pino Contartese <gco...@gm...>:
>>
>> Hy.. (:-)
>> I prefer to use it User.isGuest() in static way .
>> I consider it simpler and more elegant..
>> But it's only my opinion...
>> Rather it's never enough an eclipse ctrl+space to understand anything . I
>> never found a method .get() without any friendly attribute reference as
>> Name() or Instance() ..and I propose it for a more elegant sign (not
>> more!)
>> :-{
>>
>>
>> Gaetano Perrone wrote:
>> >
>> > Rather then refactoring the static User.get() method, that anyway is
>> the
>> > only one static getter method on User class and an eclipse ctrl+space
>> is
>> > more then enough to understand it,
>> > I'm doubtful about the static isGuest() method in User class:
>> > In my opinion a more elegant solution is a not static method
>> declaration:
>> >
>> > User user = User.get();
>> > boolean loggedin =!user.isGuest();
>> > I'm waiting for your opinion...
>> >
>> >
>> >
>> >
>> >
>> > Pino Contartese wrote:
>> >>
>> >> Ok I received the message...
>> >> But don't you think it's better to use User.getCurrent() rather than
>> use
>> >> User.get()?
>> >> get what?
>> >>
>> >> For the moment i don't need to use it in a jsp page cause I've to
>> filter
>> >> a request for a specific resource.
>> >> and so I use it in the java code..
>> >> Happy to know your answer..see soon
>> >>
>> >> svetrini wrote:
>> >>>
>> >>> I don't agree :-)
>> >>> This is a wrong way to check if the user is logged in,
>> >>> becuse when you are not logged in User.get() return Guest User !
>> >>> You have to use the Valid tag in jsp or in other place i suggest you
>> to
>> >>> use
>> >>> code similar to this:
>> >>>
>> >>> User user = User.get();
>> >>> boolean loggedin = !net.smartlab.web.auth.User.isGuest(user);
>> >>>
>> >>>
>> >>>
>> >>> 2007/11/9, Pino Contartese <gco...@gm...>:
>> >>>>
>> >>>>
>> >>>> Ok better express the proposal reproposing a real case
>> >>>> I have to check that the user is logged in or not and I write:
>> >>>> If (net.smartlab.web.auth.User.get ()! = null) (
>> >>>> ...
>> >>>> It doesn't seem so friendly ..it was better for me to use it with
>> >>>> antoher
>> >>>> sign like I suggest before
>> >>>> net.smartlab.web.auth.User.getCurrent() !=null
>> >>>>
>> >>>> Do you agree with me ?
>> >>>>
>> >>>>
>> >>>> Roberto Lo Giacco wrote:
>> >>>> >
>> >>>> > Do you mean auth module with the statement form auth?
>> >>>> > In case I understood correctly I think this could be a minor
>> change
>> >>>> into
>> >>>> > the auth module API but I'm not sure what the advantages will
>> be...
>> >>>> can
>> >>>> > you provide any reason for the change?
>> >>>> >
>> >>>> >
>> >>>> > Pino Contartese wrote:
>> >>>> >>
>> >>>> >> Uhmm ...
>> >>>> >> Hi Stephen,I start to use the form auth and I have noticed that
>> the
>> >>>> >> signature of static method User.get () is a little
>> understandable.
>> >>>> It
>> >>>> >> would be more understandable User.getCurrent ()?
>> >>>> >> I expect a response from everyone on ..
>> >>>> >>
>> >>>> >
>> >>>> >
>> >>>>
>> >>>> --
>> >>>> View this message in context:
>> >>>>
>> http://www.nabble.com/Static-sign-on-auth-module-less-understandable-tf4774615s17546.html#a13667696
>> >>>> Sent from the SmartWeb Developers mailing list archive at
>> Nabble.com.
>> >>>>
>> >>>>
>> >>>>
>> -------------------------------------------------------------------------
>> >>>> This SF.net email is sponsored by: Splunk Inc.
>> >>>> Still grepping through log files to find problems? Stop.
>> >>>> Now Search log events and configuration files using AJAX and a
>> browser.
>> >>>> Download your FREE copy of Splunk now >> http://get.splunk.com/
>> >>>> _______________________________________________
>> >>>> smartweb-devel mailing list
>> >>>> sma...@li...
>> >>>> https://lists.sourceforge.net/lists/listinfo/smartweb-devel
>> >>>>
>> >>>
>> >>>
>> -------------------------------------------------------------------------
>> >>> This SF.net email is sponsored by: Splunk Inc.
>> >>> Still grepping through log files to find problems? Stop.
>> >>> Now Search log events and configuration files using AJAX and a
>> browser.
>> >>> Download your FREE copy of Splunk now >> http://get.splunk.com/
>> >>> _______________________________________________
>> >>> smartweb-devel mailing list
>> >>> sma...@li...
>> >>> https://lists.sourceforge.net/lists/listinfo/smartweb-devel
>> >>>
>> >>>
>> >>
>> >>
>> >
>> >
>>
>> --
>> View this message in context:
>> http://www.nabble.com/Static-sign-on-auth-module-less-understandable-tf4774615s17546.html#a13745652
>> Sent from the SmartWeb Developers mailing list archive at Nabble.com.
>>
>>
>> -------------------------------------------------------------------------
>> This SF.net email is sponsored by: Splunk Inc.
>> Still grepping through log files to find problems? Stop.
>> Now Search log events and configuration files using AJAX and a browser.
>> Download your FREE copy of Splunk now >> http://get.splunk.com/
>> _______________________________________________
>> smartweb-devel mailing list
>> sma...@li...
>> https://lists.sourceforge.net/lists/listinfo/smartweb-devel
>>
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc.
> Still grepping through log files to find problems? Stop.
> Now Search log events and configuration files using AJAX and a browser.
> Download your FREE copy of Splunk now >> http://get.splunk.com/
> _______________________________________________
> smartweb-devel mailing list
> sma...@li...
> https://lists.sourceforge.net/lists/listinfo/smartweb-devel
>
>
--
View this message in context: http://www.nabble.com/Static-sign-on-auth-module-less-understandable-tf4774615s17546.html#a13747047
Sent from the SmartWeb Developers mailing list archive at Nabble.com.
|
|
From: Roberto Lo G. <rlo...@sm...> - 2007-11-14 12:51:29
|
2007/11/14, Gaetano Perrone <gpe...@sm...>: > I'm doubtful about the static isGuest() method in User class: > In my opinion a more elegant solution is a not static method declaration: > > User user = User.get(); > boolean loggedin =!user.isGuest(); > I'm waiting for your opinion... I think an additional non-static method could be added but I don't see the need for it: if you want to know if a user is a guest you could simply boolean loggedin = (User.get() != User.GUEST); but in my honest opinion the following is the easyest thing boolean loggedin = !User.isGuest(); as this form shortens the statement a lot and is a bit less error prone |
|
From: Roberto Lo G. <rlo...@sm...> - 2007-11-14 12:47:56
|
Hi Pino,
the simple get() method mimics the ThreadLocal.get() method which is
used inside the method you are proposing to rename.
So a get() method exists in the standard Java libraries and we named
it in the same way to reflect the kind of User instance we are
returning: the current user for the current thread.
I'm worried about the possibility a getCurrent() method can confuse
about which kind of "current" we refer: it may refer to the global
user (not existing at all) or the current system user (not obtainable
through the module) or anything else you can imagine. A fully
explainable signature (not sign!) would be getCurrentThreadUser() but
it can be hard to find out for lazy people.
About the kind of data the simple get() method is about it should be
easily understandable by giving an eye to the return type....
I'm still open to discussion, but for now a refactorying is not as
needed as you depict in my opinion.
2007/11/14, Pino Contartese <gco...@gm...>:
>
> Hy.. (:-)
> I prefer to use it User.isGuest() in static way .
> I consider it simpler and more elegant..
> But it's only my opinion...
> Rather it's never enough an eclipse ctrl+space to understand anything . I
> never found a method .get() without any friendly attribute reference as
> Name() or Instance() ..and I propose it for a more elegant sign (not more!)
> :-{
>
>
> Gaetano Perrone wrote:
> >
> > Rather then refactoring the static User.get() method, that anyway is the
> > only one static getter method on User class and an eclipse ctrl+space is
> > more then enough to understand it,
> > I'm doubtful about the static isGuest() method in User class:
> > In my opinion a more elegant solution is a not static method declaration:
> >
> > User user = User.get();
> > boolean loggedin =!user.isGuest();
> > I'm waiting for your opinion...
> >
> >
> >
> >
> >
> > Pino Contartese wrote:
> >>
> >> Ok I received the message...
> >> But don't you think it's better to use User.getCurrent() rather than use
> >> User.get()?
> >> get what?
> >>
> >> For the moment i don't need to use it in a jsp page cause I've to filter
> >> a request for a specific resource.
> >> and so I use it in the java code..
> >> Happy to know your answer..see soon
> >>
> >> svetrini wrote:
> >>>
> >>> I don't agree :-)
> >>> This is a wrong way to check if the user is logged in,
> >>> becuse when you are not logged in User.get() return Guest User !
> >>> You have to use the Valid tag in jsp or in other place i suggest you to
> >>> use
> >>> code similar to this:
> >>>
> >>> User user = User.get();
> >>> boolean loggedin = !net.smartlab.web.auth.User.isGuest(user);
> >>>
> >>>
> >>>
> >>> 2007/11/9, Pino Contartese <gco...@gm...>:
> >>>>
> >>>>
> >>>> Ok better express the proposal reproposing a real case
> >>>> I have to check that the user is logged in or not and I write:
> >>>> If (net.smartlab.web.auth.User.get ()! = null) (
> >>>> ...
> >>>> It doesn't seem so friendly ..it was better for me to use it with
> >>>> antoher
> >>>> sign like I suggest before
> >>>> net.smartlab.web.auth.User.getCurrent() !=null
> >>>>
> >>>> Do you agree with me ?
> >>>>
> >>>>
> >>>> Roberto Lo Giacco wrote:
> >>>> >
> >>>> > Do you mean auth module with the statement form auth?
> >>>> > In case I understood correctly I think this could be a minor change
> >>>> into
> >>>> > the auth module API but I'm not sure what the advantages will be...
> >>>> can
> >>>> > you provide any reason for the change?
> >>>> >
> >>>> >
> >>>> > Pino Contartese wrote:
> >>>> >>
> >>>> >> Uhmm ...
> >>>> >> Hi Stephen,I start to use the form auth and I have noticed that the
> >>>> >> signature of static method User.get () is a little understandable.
> >>>> It
> >>>> >> would be more understandable User.getCurrent ()?
> >>>> >> I expect a response from everyone on ..
> >>>> >>
> >>>> >
> >>>> >
> >>>>
> >>>> --
> >>>> View this message in context:
> >>>> http://www.nabble.com/Static-sign-on-auth-module-less-understandable-tf4774615s17546.html#a13667696
> >>>> Sent from the SmartWeb Developers mailing list archive at Nabble.com.
> >>>>
> >>>>
> >>>> -------------------------------------------------------------------------
> >>>> This SF.net email is sponsored by: Splunk Inc.
> >>>> Still grepping through log files to find problems? Stop.
> >>>> Now Search log events and configuration files using AJAX and a browser.
> >>>> Download your FREE copy of Splunk now >> http://get.splunk.com/
> >>>> _______________________________________________
> >>>> smartweb-devel mailing list
> >>>> sma...@li...
> >>>> https://lists.sourceforge.net/lists/listinfo/smartweb-devel
> >>>>
> >>>
> >>> -------------------------------------------------------------------------
> >>> This SF.net email is sponsored by: Splunk Inc.
> >>> Still grepping through log files to find problems? Stop.
> >>> Now Search log events and configuration files using AJAX and a browser.
> >>> Download your FREE copy of Splunk now >> http://get.splunk.com/
> >>> _______________________________________________
> >>> smartweb-devel mailing list
> >>> sma...@li...
> >>> https://lists.sourceforge.net/lists/listinfo/smartweb-devel
> >>>
> >>>
> >>
> >>
> >
> >
>
> --
> View this message in context: http://www.nabble.com/Static-sign-on-auth-module-less-understandable-tf4774615s17546.html#a13745652
> Sent from the SmartWeb Developers mailing list archive at Nabble.com.
>
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc.
> Still grepping through log files to find problems? Stop.
> Now Search log events and configuration files using AJAX and a browser.
> Download your FREE copy of Splunk now >> http://get.splunk.com/
> _______________________________________________
> smartweb-devel mailing list
> sma...@li...
> https://lists.sourceforge.net/lists/listinfo/smartweb-devel
>
|
|
From: Pino C. <gco...@gm...> - 2007-11-14 12:16:11
|
Hy.. (:-)
I prefer to use it User.isGuest() in static way .
I consider it simpler and more elegant..
But it's only my opinion...
Rather it's never enough an eclipse ctrl+space to understand anything . I
never found a method .get() without any friendly attribute reference as
Name() or Instance() ..and I propose it for a more elegant sign (not more!)
:-{
Gaetano Perrone wrote:
>
> Rather then refactoring the static User.get() method, that anyway is the
> only one static getter method on User class and an eclipse ctrl+space is
> more then enough to understand it,
> I'm doubtful about the static isGuest() method in User class:
> In my opinion a more elegant solution is a not static method declaration:
>
> User user = User.get();
> boolean loggedin =!user.isGuest();
> I'm waiting for your opinion...
>
>
>
>
>
> Pino Contartese wrote:
>>
>> Ok I received the message...
>> But don't you think it's better to use User.getCurrent() rather than use
>> User.get()?
>> get what?
>>
>> For the moment i don't need to use it in a jsp page cause I've to filter
>> a request for a specific resource.
>> and so I use it in the java code..
>> Happy to know your answer..see soon
>>
>> svetrini wrote:
>>>
>>> I don't agree :-)
>>> This is a wrong way to check if the user is logged in,
>>> becuse when you are not logged in User.get() return Guest User !
>>> You have to use the Valid tag in jsp or in other place i suggest you to
>>> use
>>> code similar to this:
>>>
>>> User user = User.get();
>>> boolean loggedin = !net.smartlab.web.auth.User.isGuest(user);
>>>
>>>
>>>
>>> 2007/11/9, Pino Contartese <gco...@gm...>:
>>>>
>>>>
>>>> Ok better express the proposal reproposing a real case
>>>> I have to check that the user is logged in or not and I write:
>>>> If (net.smartlab.web.auth.User.get ()! = null) (
>>>> ...
>>>> It doesn't seem so friendly ..it was better for me to use it with
>>>> antoher
>>>> sign like I suggest before
>>>> net.smartlab.web.auth.User.getCurrent() !=null
>>>>
>>>> Do you agree with me ?
>>>>
>>>>
>>>> Roberto Lo Giacco wrote:
>>>> >
>>>> > Do you mean auth module with the statement form auth?
>>>> > In case I understood correctly I think this could be a minor change
>>>> into
>>>> > the auth module API but I'm not sure what the advantages will be...
>>>> can
>>>> > you provide any reason for the change?
>>>> >
>>>> >
>>>> > Pino Contartese wrote:
>>>> >>
>>>> >> Uhmm ...
>>>> >> Hi Stephen,I start to use the form auth and I have noticed that the
>>>> >> signature of static method User.get () is a little understandable.
>>>> It
>>>> >> would be more understandable User.getCurrent ()?
>>>> >> I expect a response from everyone on ..
>>>> >>
>>>> >
>>>> >
>>>>
>>>> --
>>>> View this message in context:
>>>> http://www.nabble.com/Static-sign-on-auth-module-less-understandable-tf4774615s17546.html#a13667696
>>>> Sent from the SmartWeb Developers mailing list archive at Nabble.com.
>>>>
>>>>
>>>> -------------------------------------------------------------------------
>>>> This SF.net email is sponsored by: Splunk Inc.
>>>> Still grepping through log files to find problems? Stop.
>>>> Now Search log events and configuration files using AJAX and a browser.
>>>> Download your FREE copy of Splunk now >> http://get.splunk.com/
>>>> _______________________________________________
>>>> smartweb-devel mailing list
>>>> sma...@li...
>>>> https://lists.sourceforge.net/lists/listinfo/smartweb-devel
>>>>
>>>
>>> -------------------------------------------------------------------------
>>> This SF.net email is sponsored by: Splunk Inc.
>>> Still grepping through log files to find problems? Stop.
>>> Now Search log events and configuration files using AJAX and a browser.
>>> Download your FREE copy of Splunk now >> http://get.splunk.com/
>>> _______________________________________________
>>> smartweb-devel mailing list
>>> sma...@li...
>>> https://lists.sourceforge.net/lists/listinfo/smartweb-devel
>>>
>>>
>>
>>
>
>
--
View this message in context: http://www.nabble.com/Static-sign-on-auth-module-less-understandable-tf4774615s17546.html#a13745652
Sent from the SmartWeb Developers mailing list archive at Nabble.com.
|
|
From: Gaetano P. <gpe...@sm...> - 2007-11-14 11:24:35
|
Rather then refactoring the static User.get() method, that anyway is the only one static getter method on User class and an eclipse ctrl+space is more then enough to understand it, I'm doubtful about the static isGuest() method in User class: In my opinion a more elegant solution is a not static method declaration: User user = User.get(); boolean loggedin =!user.isGuest(); I'm waiting for your opinion... Pino Contartese wrote: > > Ok I received the message... > But don't you think it's better to use User.getCurrent() rather than use > User.get()? > get what? > > For the moment i don't need to use it in a jsp page cause I've to filter a > request for a specific resource. > and so I use it in the java code.. > Happy to know your answer..see soon > > svetrini wrote: >> >> I don't agree :-) >> This is a wrong way to check if the user is logged in, >> becuse when you are not logged in User.get() return Guest User ! >> You have to use the Valid tag in jsp or in other place i suggest you to >> use >> code similar to this: >> >> User user = User.get(); >> boolean loggedin = !net.smartlab.web.auth.User.isGuest(user); >> >> >> >> 2007/11/9, Pino Contartese <gco...@gm...>: >>> >>> >>> Ok better express the proposal reproposing a real case >>> I have to check that the user is logged in or not and I write: >>> If (net.smartlab.web.auth.User.get ()! = null) ( >>> ... >>> It doesn't seem so friendly ..it was better for me to use it with >>> antoher >>> sign like I suggest before >>> net.smartlab.web.auth.User.getCurrent() !=null >>> >>> Do you agree with me ? >>> >>> >>> Roberto Lo Giacco wrote: >>> > >>> > Do you mean auth module with the statement form auth? >>> > In case I understood correctly I think this could be a minor change >>> into >>> > the auth module API but I'm not sure what the advantages will be... >>> can >>> > you provide any reason for the change? >>> > >>> > >>> > Pino Contartese wrote: >>> >> >>> >> Uhmm ... >>> >> Hi Stephen,I start to use the form auth and I have noticed that the >>> >> signature of static method User.get () is a little understandable. It >>> >> would be more understandable User.getCurrent ()? >>> >> I expect a response from everyone on .. >>> >> >>> > >>> > >>> >>> -- >>> View this message in context: >>> http://www.nabble.com/Static-sign-on-auth-module-less-understandable-tf4774615s17546.html#a13667696 >>> Sent from the SmartWeb Developers mailing list archive at Nabble.com. >>> >>> >>> ------------------------------------------------------------------------- >>> This SF.net email is sponsored by: Splunk Inc. >>> Still grepping through log files to find problems? Stop. >>> Now Search log events and configuration files using AJAX and a browser. >>> Download your FREE copy of Splunk now >> http://get.splunk.com/ >>> _______________________________________________ >>> smartweb-devel mailing list >>> sma...@li... >>> https://lists.sourceforge.net/lists/listinfo/smartweb-devel >>> >> >> ------------------------------------------------------------------------- >> This SF.net email is sponsored by: Splunk Inc. >> Still grepping through log files to find problems? Stop. >> Now Search log events and configuration files using AJAX and a browser. >> Download your FREE copy of Splunk now >> http://get.splunk.com/ >> _______________________________________________ >> smartweb-devel mailing list >> sma...@li... >> https://lists.sourceforge.net/lists/listinfo/smartweb-devel >> >> > > -- View this message in context: http://www.nabble.com/Static-sign-on-auth-module-less-understandable-tf4774615s17546.html#a13744574 Sent from the SmartWeb Developers mailing list archive at Nabble.com. |
|
From: Pino C. <gco...@gm...> - 2007-11-13 23:54:02
|
Ok I received the message... But don't you think it's better to use User.getCurrent() rather than use User.get()? get what? For the moment i don't need to use it in a jsp page cause I've to filter a request for a specific resource. and so I use it in the java code.. Happy to know your answer..see soon svetrini wrote: > > I don't agree :-) > This is a wrong way to check if the user is logged in, > becuse when you are not logged in User.get() return Guest User ! > You have to use the Valid tag in jsp or in other place i suggest you to > use > code similar to this: > > User user = User.get(); > boolean loggedin = !net.smartlab.web.auth.User.isGuest(user); > > > > 2007/11/9, Pino Contartese <gco...@gm...>: >> >> >> Ok better express the proposal reproposing a real case >> I have to check that the user is logged in or not and I write: >> If (net.smartlab.web.auth.User.get ()! = null) ( >> ... >> It doesn't seem so friendly ..it was better for me to use it with antoher >> sign like I suggest before >> net.smartlab.web.auth.User.getCurrent() !=null >> >> Do you agree with me ? >> >> >> Roberto Lo Giacco wrote: >> > >> > Do you mean auth module with the statement form auth? >> > In case I understood correctly I think this could be a minor change >> into >> > the auth module API but I'm not sure what the advantages will be... can >> > you provide any reason for the change? >> > >> > >> > Pino Contartese wrote: >> >> >> >> Uhmm ... >> >> Hi Stephen,I start to use the form auth and I have noticed that the >> >> signature of static method User.get () is a little understandable. It >> >> would be more understandable User.getCurrent ()? >> >> I expect a response from everyone on .. >> >> >> > >> > >> >> -- >> View this message in context: >> http://www.nabble.com/Static-sign-on-auth-module-less-understandable-tf4774615s17546.html#a13667696 >> Sent from the SmartWeb Developers mailing list archive at Nabble.com. >> >> >> ------------------------------------------------------------------------- >> This SF.net email is sponsored by: Splunk Inc. >> Still grepping through log files to find problems? Stop. >> Now Search log events and configuration files using AJAX and a browser. >> Download your FREE copy of Splunk now >> http://get.splunk.com/ >> _______________________________________________ >> smartweb-devel mailing list >> sma...@li... >> https://lists.sourceforge.net/lists/listinfo/smartweb-devel >> > > ------------------------------------------------------------------------- > This SF.net email is sponsored by: Splunk Inc. > Still grepping through log files to find problems? Stop. > Now Search log events and configuration files using AJAX and a browser. > Download your FREE copy of Splunk now >> http://get.splunk.com/ > _______________________________________________ > smartweb-devel mailing list > sma...@li... > https://lists.sourceforge.net/lists/listinfo/smartweb-devel > > -- View this message in context: http://www.nabble.com/Static-sign-on-auth-module-less-understandable-tf4774615s17546.html#a13737311 Sent from the SmartWeb Developers mailing list archive at Nabble.com. |
|
From: Stefano V <st...@gm...> - 2007-11-09 21:05:16
|
You are right! i didn't read what you had said... Sorry :-) 2007/11/9, Roberto Lo Giacco <rlo...@sm...>: > > Just a note to the Valid tag statement: you are right, but I supposed > he wanted to check the user inside an Action or something like that as > we strongly suggest not to use java code inside pages :-> > > Am I right or have you repeated, with another example, my same statement? > > 2007/11/9, Stefano V <st...@gm...>: > > I don't agree :-) > > This is a wrong way to check if the user is logged in, > > becuse when you are not logged in User.get() return Guest User ! > > You have to use the Valid tag in jsp or in other place i suggest you to > use > > code similar to this: > > > > User user = User.get(); > > boolean loggedin = > > !net.smartlab.web.auth.User.isGuest(user); > > > > > > > > 2007/11/9, Pino Contartese <gco...@gm... >: > > > > > > > > > Ok better express the proposal reproposing a real case > > > I have to check that the user is logged in or not and I write: > > > If (net.smartlab.web.auth.User.get ()! = null) ( > > > ... > > > It doesn't seem so friendly ..it was better for me to use it with > antoher > > > sign like I suggest before > > > net.smartlab.web.auth.User.getCurrent() !=null > > > > > > Do you agree with me ? > > > > > > > > > Roberto Lo Giacco wrote: > > > > > > > > Do you mean auth module with the statement form auth? > > > > In case I understood correctly I think this could be a minor change > into > > > > the auth module API but I'm not sure what the advantages will be... > can > > > > you provide any reason for the change? > > > > > > > > > > > > Pino Contartese wrote: > > > >> > > > >> Uhmm ... > > > >> Hi Stephen,I start to use the form auth and I have noticed that > the > > > >> signature of static method User.get () is a little understandable. > It > > > >> would be more understandable User.getCurrent ()? > > > >> I expect a response from everyone on .. > > > >> > > > > > > > > > > > > > > -- > > > View this message in context: > > > http://www.nabble.com/Static-sign-on-auth-module-less-understandable-tf4774615s17546.html#a13667696 > > > Sent from the SmartWeb Developers mailing list archive at Nabble.com. > > > > > > > > > > > > ------------------------------------------------------------------------- > > > This SF.net email is sponsored by: Splunk Inc. > > > Still grepping through log files to find problems? Stop. > > > Now Search log events and configuration files using AJAX and a > browser. > > > Download your FREE copy of Splunk now >> http://get.splunk.com/ > > > _______________________________________________ > > > smartweb-devel mailing list > > > sma...@li... > > > > > https://lists.sourceforge.net/lists/listinfo/smartweb-devel > > > > > > > > > > ------------------------------------------------------------------------- > > This SF.net email is sponsored by: Splunk Inc. > > Still grepping through log files to find problems? Stop. > > Now Search log events and configuration files using AJAX and a browser. > > Download your FREE copy of Splunk now >> http://get.splunk.com/ > > _______________________________________________ > > smartweb-devel mailing list > > sma...@li... > > https://lists.sourceforge.net/lists/listinfo/smartweb-devel > > > > > > ------------------------------------------------------------------------- > This SF.net email is sponsored by: Splunk Inc. > Still grepping through log files to find problems? Stop. > Now Search log events and configuration files using AJAX and a browser. > Download your FREE copy of Splunk now >> http://get.splunk.com/ > _______________________________________________ > smartweb-devel mailing list > sma...@li... > https://lists.sourceforge.net/lists/listinfo/smartweb-devel > |
|
From: Roberto Lo G. <rlo...@sm...> - 2007-11-09 19:39:24
|
Just a note to the Valid tag statement: you are right, but I supposed he wanted to check the user inside an Action or something like that as we strongly suggest not to use java code inside pages :-> Am I right or have you repeated, with another example, my same statement? 2007/11/9, Stefano V <st...@gm...>: > I don't agree :-) > This is a wrong way to check if the user is logged in, > becuse when you are not logged in User.get() return Guest User ! > You have to use the Valid tag in jsp or in other place i suggest you to use > code similar to this: > > User user = User.get(); > boolean loggedin = > !net.smartlab.web.auth.User.isGuest(user); > > > > 2007/11/9, Pino Contartese <gco...@gm... >: > > > > > > Ok better express the proposal reproposing a real case > > I have to check that the user is logged in or not and I write: > > If (net.smartlab.web.auth.User.get ()! = null) ( > > ... > > It doesn't seem so friendly ..it was better for me to use it with antoher > > sign like I suggest before > > net.smartlab.web.auth.User.getCurrent() !=null > > > > Do you agree with me ? > > > > > > Roberto Lo Giacco wrote: > > > > > > Do you mean auth module with the statement form auth? > > > In case I understood correctly I think this could be a minor change into > > > the auth module API but I'm not sure what the advantages will be... can > > > you provide any reason for the change? > > > > > > > > > Pino Contartese wrote: > > >> > > >> Uhmm ... > > >> Hi Stephen,I start to use the form auth and I have noticed that the > > >> signature of static method User.get () is a little understandable. It > > >> would be more understandable User.getCurrent ()? > > >> I expect a response from everyone on .. > > >> > > > > > > > > > > -- > > View this message in context: > http://www.nabble.com/Static-sign-on-auth-module-less-understandable-tf4774615s17546.html#a13667696 > > Sent from the SmartWeb Developers mailing list archive at Nabble.com. > > > > > > > ------------------------------------------------------------------------- > > This SF.net email is sponsored by: Splunk Inc. > > Still grepping through log files to find problems? Stop. > > Now Search log events and configuration files using AJAX and a browser. > > Download your FREE copy of Splunk now >> http://get.splunk.com/ > > _______________________________________________ > > smartweb-devel mailing list > > sma...@li... > > > https://lists.sourceforge.net/lists/listinfo/smartweb-devel > > > > > ------------------------------------------------------------------------- > This SF.net email is sponsored by: Splunk Inc. > Still grepping through log files to find problems? Stop. > Now Search log events and configuration files using AJAX and a browser. > Download your FREE copy of Splunk now >> http://get.splunk.com/ > _______________________________________________ > smartweb-devel mailing list > sma...@li... > https://lists.sourceforge.net/lists/listinfo/smartweb-devel > > |
|
From: Stefano V <st...@gm...> - 2007-11-09 19:07:52
|
I don't agree :-) This is a wrong way to check if the user is logged in, becuse when you are not logged in User.get() return Guest User ! You have to use the Valid tag in jsp or in other place i suggest you to use code similar to this: User user = User.get(); boolean loggedin = !net.smartlab.web.auth.User.isGuest(user); 2007/11/9, Pino Contartese <gco...@gm...>: > > > Ok better express the proposal reproposing a real case > I have to check that the user is logged in or not and I write: > If (net.smartlab.web.auth.User.get ()! = null) ( > ... > It doesn't seem so friendly ..it was better for me to use it with antoher > sign like I suggest before > net.smartlab.web.auth.User.getCurrent() !=null > > Do you agree with me ? > > > Roberto Lo Giacco wrote: > > > > Do you mean auth module with the statement form auth? > > In case I understood correctly I think this could be a minor change into > > the auth module API but I'm not sure what the advantages will be... can > > you provide any reason for the change? > > > > > > Pino Contartese wrote: > >> > >> Uhmm ... > >> Hi Stephen,I start to use the form auth and I have noticed that the > >> signature of static method User.get () is a little understandable. It > >> would be more understandable User.getCurrent ()? > >> I expect a response from everyone on .. > >> > > > > > > -- > View this message in context: > http://www.nabble.com/Static-sign-on-auth-module-less-understandable-tf4774615s17546.html#a13667696 > Sent from the SmartWeb Developers mailing list archive at Nabble.com. > > > ------------------------------------------------------------------------- > This SF.net email is sponsored by: Splunk Inc. > Still grepping through log files to find problems? Stop. > Now Search log events and configuration files using AJAX and a browser. > Download your FREE copy of Splunk now >> http://get.splunk.com/ > _______________________________________________ > smartweb-devel mailing list > sma...@li... > https://lists.sourceforge.net/lists/listinfo/smartweb-devel > |
|
From: Pino C. <gco...@gm...> - 2007-11-09 16:58:21
|
Thank you so much .. It works! :-) Today I learned another thing .. We write a good guide so that nobody can do tomorrow these basic questions. See you soon..:super: Roberto Lo Giacco-4 wrote: > > By the way: if you need to check if there is a user logged in you > should use the User.isGuest() method as User.get() always returns a > not null object.... ;) > > 2007/11/9, Pino Contartese <gco...@gm...>: >> >> Ok better express the proposal reproposing a real case >> I have to check that the user is logged in or not and I write: >> If (net.smartlab.web.auth.User.get ()! = null) ( >> ... >> It doesn't seem so friendly ..it was better for me to use it with antoher >> sign like I suggest before >> net.smartlab.web.auth.User.getCurrent() !=null >> >> Do you agree with me ? >> >> >> Roberto Lo Giacco wrote: >> > >> > Do you mean auth module with the statement form auth? >> > In case I understood correctly I think this could be a minor change >> into >> > the auth module API but I'm not sure what the advantages will be... can >> > you provide any reason for the change? >> > >> > >> > Pino Contartese wrote: >> >> >> >> Uhmm ... >> >> Hi Stephen,I start to use the form auth and I have noticed that the >> >> signature of static method User.get () is a little understandable. It >> >> would be more understandable User.getCurrent ()? >> >> I expect a response from everyone on .. >> >> >> > >> > >> >> -- >> View this message in context: >> http://www.nabble.com/Static-sign-on-auth-module-less-understandable-tf4774615s17546.html#a13667696 >> Sent from the SmartWeb Developers mailing list archive at Nabble.com. >> >> >> ------------------------------------------------------------------------- >> This SF.net email is sponsored by: Splunk Inc. >> Still grepping through log files to find problems? Stop. >> Now Search log events and configuration files using AJAX and a browser. >> Download your FREE copy of Splunk now >> http://get.splunk.com/ >> _______________________________________________ >> smartweb-devel mailing list >> sma...@li... >> https://lists.sourceforge.net/lists/listinfo/smartweb-devel >> > > ------------------------------------------------------------------------- > This SF.net email is sponsored by: Splunk Inc. > Still grepping through log files to find problems? Stop. > Now Search log events and configuration files using AJAX and a browser. > Download your FREE copy of Splunk now >> http://get.splunk.com/ > _______________________________________________ > smartweb-devel mailing list > sma...@li... > https://lists.sourceforge.net/lists/listinfo/smartweb-devel > > -- View this message in context: http://www.nabble.com/Static-sign-on-auth-module-less-understandable-tf4774615s17546.html#a13670715 Sent from the SmartWeb Developers mailing list archive at Nabble.com. |
|
From: Roberto Lo G. <rlo...@sm...> - 2007-11-09 15:59:59
|
We are trying to write down a user guide, but we welcome any contribution as it seems we all are not very capable on documentation ;) 2007/11/9, Pino Contartese <gco...@gm...>: > > Where can I find an auth guide? > > > Roberto Lo Giacco-4 wrote: > > > > By the way: if you need to check if there is a user logged in you > > should use the User.isGuest() method as User.get() always returns a > > not null object.... ;) > > > > 2007/11/9, Pino Contartese <gco...@gm...>: > >> > >> Ok better express the proposal reproposing a real case > >> I have to check that the user is logged in or not and I write: > >> If (net.smartlab.web.auth.User.get ()! = null) ( > >> ... > >> It doesn't seem so friendly ..it was better for me to use it with antoher > >> sign like I suggest before > >> net.smartlab.web.auth.User.getCurrent() !=null > >> > >> Do you agree with me ? > >> > >> > >> Roberto Lo Giacco wrote: > >> > > >> > Do you mean auth module with the statement form auth? > >> > In case I understood correctly I think this could be a minor change > >> into > >> > the auth module API but I'm not sure what the advantages will be... can > >> > you provide any reason for the change? > >> > > >> > > >> > Pino Contartese wrote: > >> >> > >> >> Uhmm ... > >> >> Hi Stephen,I start to use the form auth and I have noticed that the > >> >> signature of static method User.get () is a little understandable. It > >> >> would be more understandable User.getCurrent ()? > >> >> I expect a response from everyone on .. > >> >> > >> > > >> > > >> > >> -- > >> View this message in context: > >> http://www.nabble.com/Static-sign-on-auth-module-less-understandable-tf4774615s17546.html#a13667696 > >> Sent from the SmartWeb Developers mailing list archive at Nabble.com. > >> > >> > >> ------------------------------------------------------------------------- > >> This SF.net email is sponsored by: Splunk Inc. > >> Still grepping through log files to find problems? Stop. > >> Now Search log events and configuration files using AJAX and a browser. > >> Download your FREE copy of Splunk now >> http://get.splunk.com/ > >> _______________________________________________ > >> smartweb-devel mailing list > >> sma...@li... > >> https://lists.sourceforge.net/lists/listinfo/smartweb-devel > >> > > > > ------------------------------------------------------------------------- > > This SF.net email is sponsored by: Splunk Inc. > > Still grepping through log files to find problems? Stop. > > Now Search log events and configuration files using AJAX and a browser. > > Download your FREE copy of Splunk now >> http://get.splunk.com/ > > _______________________________________________ > > smartweb-devel mailing list > > sma...@li... > > https://lists.sourceforge.net/lists/listinfo/smartweb-devel > > > > > > -- > View this message in context: http://www.nabble.com/Static-sign-on-auth-module-less-understandable-tf4774615s17546.html#a13669580 > Sent from the SmartWeb Developers mailing list archive at Nabble.com. > > > ------------------------------------------------------------------------- > This SF.net email is sponsored by: Splunk Inc. > Still grepping through log files to find problems? Stop. > Now Search log events and configuration files using AJAX and a browser. > Download your FREE copy of Splunk now >> http://get.splunk.com/ > _______________________________________________ > smartweb-devel mailing list > sma...@li... > https://lists.sourceforge.net/lists/listinfo/smartweb-devel > |
1 message has been excluded from this view by a project administrator.
