...
Tapestry provides several annotations and configuration settings that you can use to ensure that all access to certain pages (or all pages) occurs only via the encrypted HTTPS protocol. See HTTPS for details.
Controlling Page Access
Wiki Markup |
---|
{float:right|background=#eee|padding=0 1em} *JumpStart Demo:* [Protecting Pages|http://jumpstart.doublenegative.com.au/jumpstart/examples/infrastructure/protectingpages] {float} |
...
Security Framework Integration
Tapestry does not come with a built-in lock you into a specific authentication/authorization mechanism, to avoid lock-in to a specific implementation. There are various Java security frameworks available, but the main two Java-based open source security frameworks are Apache Shiro (earlier Instead, there are integration modules available for the more popular open source Java security frameworks, namely Apache Shiro (formerly JSecurity) and Spring Security (earlier formerly Acegi Security). Spring Security is the more popular of the two (because of Spring's popularity), whereas Shiro is widely regarded as the more flexible choice. There are well-maintained Tapestry integration projects for both of these frameworks,
...
- module (from Tynamo.org)
...
- uses Apache Shiro
- The tapestry-spring-security
...
- module uses Spring Security.
For tapestry-security (Shiro-based)Additional information:
- Tynamo-federatedaccounts Facebook etc. 3rd party authentication provider integrations, building on Tapestry-security
For tapestry-spring-security
- http://www.localhost.nu/java/tapestry-spring-security/conf.html is an add-on to the tapestry-security module, providing federated (third-party) authentication with Facebook, Twitter or Google.
- To include OpenID with Spring Security in your application, see the following Wiki entry:
...