Tapestry does not come with a built-in security implementation to avoid lock-in to a specific security framework. There are various Java security frameworks available, but the main two Java-based open source security frameworks are Apache Shiro (earlier JSecurity) and Spring Security (earlier Acegi Security). Spring Security is the more popular of the two (because of Spring's popularity), whereas Shiro is widely regarded as the more flexible choice. There are well-maintained Tapestry integration projects for both of these frameworks, tapestry-security for Apache Shiro (from Tynamo.org) and tapestry-spring-security for Spring Security.
For tapestry-security (Shiro-based)
- Tynamo-federatedaccounts Facebook etc. 3rd party authentication provider integrations, building on Tapestry-security
For tapestry-spring-security
To include OpenID with Spring Security in your application, see the following Wiki entry: