[Seaside] Seaside Security

Hans N Beck private at hans-n-beck.de
Wed Jul 23 19:34:16 UTC 2008


Hi,

thank you for help.

Ok, setting up Deployment mode let disapear the tool bar, great.
Removing all not needed applications for delivery (as pointed out in  
some tutorial) is clear.

But how I prevent that someone is accessing .../seaside/config ? The  
only way seems  to removing the config application. But that is bad,  
because perhaps I want configure something later and not in code....

And the other thing but related is this: according to tutorials, if  
one set up WAAuthConfiguration as an ancessor in the configuration of  
an application, then the log-in dialog should come up if one try to  
access .../seaside/<myapplication> . But this doen't happen for me.  
Perhaps there is a little detail I overlook....

(I use the Web Image from Damien Cassou).

Thanks

Hans

Am 23.07.2008 um 11:14 schrieb Lukas Renggli:

> The toolbar is not really ment for anything else than development. I
> would disable it for any productive application.
>
> Lukas
>
> On 7/23/08, Michel Bany <michel.bany at gmail.com> wrote:
>> Hi Hans,
>>
>> What about registering your root component twice, under different  
>> urls, for
>> example:
>>
>> (WACounter registerAsApplication: 'c1')
>>        preferenceAt: #deploymentMode put: true.
>>
>> (WACounter registerAsAuthenticatedApplication: 'c2')
>>        preferenceAt: #login put: 'user';
>>        preferenceAt: #password put: 'pass';
>>        preferenceAt: #deploymentMode put: false.
>>
>> HTH
>> Michel.
>>
>>
>>
>> On Jul 23, 2008, at 6:46 AM, Hans N Beck wrote:
>>
>>
>>> Hi dear Seaside gurus :-),
>>>
>>> one think I never really understand using Seaside:
>>>
>>> by default, there is this control bar at the bottom "configure  
>>> toggle
>> halos new session etc".  Whow can I make sure that only an special  
>> logged-in
>> user can see this bar ? I have read about and played with
>> WAAuthConfiguration, but neither it could let disappear the bar nor  
>> I got
>> any log-in window (or could see if I maybe already be logged-in).
>>>
>>> How to do this ?
>>>
>>> If I manage User and Groups in Pier, are this the same as for
>> WAAuthConfiguration or are these user managements completley  
>> divided ?
>>>
>>>
>>> Thanks for help :-)
>>>
>>> Hans
>>> _______________________________________________
>>> seaside mailing list
>>> seaside at lists.squeakfoundation.org
>>>
>> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
>>>
>>
>> _______________________________________________
>> seaside mailing list
>> seaside at lists.squeakfoundation.org
>> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
>>
>
>
> -- 
> Lukas Renggli
> http://www.lukas-renggli.ch
> _______________________________________________
> seaside mailing list
> seaside at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
>



More information about the seaside mailing list