tapestry-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <wikidi...@apache.org>
Subject [Tapestry Wiki] Update of "Tapestry5HowToCreateADispatcher2" by ChrisLewis
Date Wed, 07 Nov 2007 14:23:07 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tapestry Wiki" for change notification.

The following page has been changed by ChrisLewis:

New page:
In the article Tapestry5HowToCreateADispatcher we covered the basics of creating a Dispatcher
and getting it into the pipeline. This quick article is a suppliment to that one, continuing
the example of implementing an access control mechanism. Specifically, we will cover how to
access request-specific state objects (ASOs) from a singleton service (our access controller).

Before reading this be sure to first read about how Tapestry manages application state:


This is a fairly quick and painless read and should get you up to speed on what application
state is, when and why you need it, how to use it, and the basics of how it works. The following
javadocs are also worth pointing out:

ApplicationState], [http://tapestry.apache.org/tapestry5/apidocs/org/apache/tapestry/services/ApplicationStateManager.html

== A Glance at the Problem ==
The access controller we've implemented is a singleton service. It doesn't make sense to implement
it per-request as the only per-request state it needs are the access permissions of the requesting
user. However we can't just annotate a service field with @!ApplicationState as we normally
would in a page or component.

import java.io.IOException;

import org.apache.tapestry.services.ApplicationStateManager;
import org.apache.tapestry.services.Request;
import org.apache.tapestry.services.Response;

public class AccessController implements Dispatcher {
	private ApplicationStateManager asm;
	public SingletonAccessControllerImpl(ApplicationStateManager asm) {
		this.asm = asm;

	public boolean dispatch(Request request, Response response) throws IOException {
		boolean canAccess = false;
		if(asm.exists(UserPermissions.class)) {
		if(!canAccess) {
			 * This is an unauthorized request, so throw an exception. We'll need
			 * more grace than this, such as a customized exception page and/or
			 * redirection to a login page...
			throw new RuntimeException("Access violation!");
		return false;

To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
For additional commands, e-mail: dev-help@tapestry.apache.org

View raw message