Tynamo
  1. Tynamo
  2. TYNAMO-103

@Security, tapestry.secure-enabled, MetaDataConstants.SECURE_PAGE not honored by Tapestry security

    Details

    • Type: Bug Bug
    • Status: Closed Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: security-0.4.0
    • Fix Version/s: security-0.4.1
    • Component/s: security
    • Labels:
      None
    • Environment:
      Tapestry 5.3, Glassfish 3.1.1, tapestry.secure-enabled = true
    • Number of attachments :
      0

      Description

      I have a pretty simple authenticated page...

      @RequiresRoles(logical = Logical.OR, value =

      { Role.LogisticsRole, Role.AccountingRole, Role.PalletsRole }

      )
      @Secure
      public class TapPage

      { ....... }

      When the page is redirected to the login screen (no authentication yet) and is called from plain old http:// URL,
      the login screen is shown, but it's still the http:// protocol that is used.

      According to the Tapestry documentation @Scecure redirects to https:// URL if the page is already not called through https.
      This works, until tynamo security gets involved and points to the login screen
      This should work not only with @Secure, but also with MetaDataConstraints.SECURE_PAGE in the configuration
      so a lot of pages can be secured at once.

      Thanks!

        Issue Links

          Activity

          Hide
          Alejandro Scandroli added a comment -

          fixed together with TYNAMO-110

          Show
          Alejandro Scandroli added a comment - fixed together with TYNAMO-110

            People

            • Assignee:
              Alejandro Scandroli
              Reporter:
              Lenny Primak
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: