Re: false sense of security?
Re: false sense of security?
- Subject: Re: false sense of security?
- From: "Arturo Perez" <email@hidden>
- Date: Wed, 01 Sep 2004 13:24:11 -0400
William Norris wrote:
What kind of hacks were you thinking about? the problem I see with the ComponentContent approach (as i
understand it), is that I would have to create a new component for
each link.... isn't that using a lot more memory than should be
expended for something simple like this?
I'm sure you've seen Chuck's response by now. There are still more
alternatives available but I'd hate to steer you towards hacks.
The ComponentContent thing is just like having a page wrapper component.
But instead of wrapping the page you wrap some other component. Then
you can keep all your authentication checks in the component wrapper.
Here's an example.
Create a WOComponentContent named SimpleAuthenticator. Give it a
binding of "userRole". You can probably make it stateless if you know
how and you're worried about memory. Its appendToResponse is
public void appendToResponse(...) {
if (!Authenticator.userHasRole(session.getUser(), userRole))
return;
else
super.appendToResponse(...);
]
The Authenticator.userHasRole() method is similar to the method you
already have.
Whenever you need security place the link or whatever inside of
SimpleAuthenticator with userRole bound to an appropriate value.
If the user is not in the given role then no content will be generated.
-arturo
_______________________________________________
webobjects-dev mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/webobjects-dev
Do not post admin requests to the list. They will be ignored.