Restricting action invocation by HTTP method

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

Restricting action invocation by HTTP method

Sonny Gill
Hi guys,

What is the Stripes approach to restricting action invocation by HTTP method?
For example, if I want to restrict my ItemEdit or ItemDelete action to only be invoked by HTTP POST method.

Cheers,
Sonny

------------------------------------------------------------------------------
Ridiculously easy VDI. With Citrix VDI-in-a-Box, you don't need a complex
infrastructure or vast IT resources to deliver seamless, secure access to
virtual desktops. With this all-in-one solution, easily deploy virtual
desktops for less than the cost of PCs and save 60% on VDI infrastructure
costs. Try it free! http://p.sf.net/sfu/Citrix-VDIinabox
_______________________________________________
Stripes-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/stripes-users
Reply | Threaded
Open this post in threaded view
|

Re: Restricting action invocation by HTTP method

Ben Gunter
Stripes doesn't do this on its own, but it's easily done with an Interceptor.

On Thu, Dec 29, 2011 at 8:34 AM, Sonny Gill <[hidden email]> wrote:
Hi guys,

What is the Stripes approach to restricting action invocation by HTTP method?
For example, if I want to restrict my ItemEdit or ItemDelete action to only be invoked by HTTP POST method.

Cheers,
Sonny


------------------------------------------------------------------------------
Ridiculously easy VDI. With Citrix VDI-in-a-Box, you don't need a complex
infrastructure or vast IT resources to deliver seamless, secure access to
virtual desktops. With this all-in-one solution, easily deploy virtual
desktops for less than the cost of PCs and save 60% on VDI infrastructure
costs. Try it free! http://p.sf.net/sfu/Citrix-VDIinabox
_______________________________________________
Stripes-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/stripes-users
Reply | Threaded
Open this post in threaded view
|

Re: Restricting action invocation by HTTP method

Mike McNally-3
In reply to this post by Sonny Gill
In my application I have an Intercept that checks, among other things,
for an annotation (@ForMethod("post")) on the action bean or event
method.  (The annotation is one I wrote and not part of Stripes.)

On Thu, Dec 29, 2011 at 7:34 AM, Sonny Gill <[hidden email]> wrote:

> Hi guys,
>
> What is the Stripes approach to restricting action invocation by HTTP
> method?
> For example, if I want to restrict my ItemEdit or ItemDelete action to only
> be invoked by HTTP POST method.
>
> Cheers,
> Sonny
>
> ------------------------------------------------------------------------------
> Ridiculously easy VDI. With Citrix VDI-in-a-Box, you don't need a complex
> infrastructure or vast IT resources to deliver seamless, secure access to
> virtual desktops. With this all-in-one solution, easily deploy virtual
> desktops for less than the cost of PCs and save 60% on VDI infrastructure
> costs. Try it free! http://p.sf.net/sfu/Citrix-VDIinabox
> _______________________________________________
> Stripes-users mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/stripes-users
>



--
Turtle, turtle, on the ground,
Pink and shiny, turn around.

------------------------------------------------------------------------------
Ridiculously easy VDI. With Citrix VDI-in-a-Box, you don't need a complex
infrastructure or vast IT resources to deliver seamless, secure access to
virtual desktops. With this all-in-one solution, easily deploy virtual
desktops for less than the cost of PCs and save 60% on VDI infrastructure
costs. Try it free! http://p.sf.net/sfu/Citrix-VDIinabox
_______________________________________________
Stripes-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/stripes-users
Reply | Threaded
Open this post in threaded view
|

Re: Restricting action invocation by HTTP method

Janne Jalkanen

Since this is probably like a common thing that most of us have to do at some point, would it be possible to have it as a feature on Stripes directly?

Would be glad to contribute a patch if someone specs how it should look-n-work.

/Janne

On Dec 29, 2011, at 15:57 , Mike McNally wrote:

> In my application I have an Intercept that checks, among other things,
> for an annotation (@ForMethod("post")) on the action bean or event
> method.  (The annotation is one I wrote and not part of Stripes.)
>
> On Thu, Dec 29, 2011 at 7:34 AM, Sonny Gill <[hidden email]> wrote:
>> Hi guys,
>>
>> What is the Stripes approach to restricting action invocation by HTTP
>> method?
>> For example, if I want to restrict my ItemEdit or ItemDelete action to only
>> be invoked by HTTP POST method.
>>
>> Cheers,
>> Sonny
>>
>> ------------------------------------------------------------------------------
>> Ridiculously easy VDI. With Citrix VDI-in-a-Box, you don't need a complex
>> infrastructure or vast IT resources to deliver seamless, secure access to
>> virtual desktops. With this all-in-one solution, easily deploy virtual
>> desktops for less than the cost of PCs and save 60% on VDI infrastructure
>> costs. Try it free! http://p.sf.net/sfu/Citrix-VDIinabox
>> _______________________________________________
>> Stripes-users mailing list
>> [hidden email]
>> https://lists.sourceforge.net/lists/listinfo/stripes-users
>>
>
>
>
> --
> Turtle, turtle, on the ground,
> Pink and shiny, turn around.
>
> ------------------------------------------------------------------------------
> Ridiculously easy VDI. With Citrix VDI-in-a-Box, you don't need a complex
> infrastructure or vast IT resources to deliver seamless, secure access to
> virtual desktops. With this all-in-one solution, easily deploy virtual
> desktops for less than the cost of PCs and save 60% on VDI infrastructure
> costs. Try it free! http://p.sf.net/sfu/Citrix-VDIinabox
> _______________________________________________
> Stripes-users mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/stripes-users


------------------------------------------------------------------------------
Ridiculously easy VDI. With Citrix VDI-in-a-Box, you don't need a complex
infrastructure or vast IT resources to deliver seamless, secure access to
virtual desktops. With this all-in-one solution, easily deploy virtual
desktops for less than the cost of PCs and save 60% on VDI infrastructure
costs. Try it free! http://p.sf.net/sfu/Citrix-VDIinabox
_______________________________________________
Stripes-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/stripes-users
Reply | Threaded
Open this post in threaded view
|

Re: Restricting action invocation by HTTP method

Sonny Gill
Thanks, guys.

I agree it is easily done with an Interceptor.
But I suspect this is a commonly used feature, and you pretty much need it to do HTTP right. I hope this gets included in Stripes core or in one of the other common Stripes libraries.

Cheers,
Sonny



On Thu, Dec 29, 2011 at 3:18 PM, Janne Jalkanen <[hidden email]> wrote:

Since this is probably like a common thing that most of us have to do at some point, would it be possible to have it as a feature on Stripes directly?

Would be glad to contribute a patch if someone specs how it should look-n-work.

/Janne

On Dec 29, 2011, at 15:57 , Mike McNally wrote:

> In my application I have an Intercept that checks, among other things,
> for an annotation (@ForMethod("post")) on the action bean or event
> method.  (The annotation is one I wrote and not part of Stripes.)
>
> On Thu, Dec 29, 2011 at 7:34 AM, Sonny Gill <[hidden email]> wrote:
>> Hi guys,
>>
>> What is the Stripes approach to restricting action invocation by HTTP
>> method?
>> For example, if I want to restrict my ItemEdit or ItemDelete action to only
>> be invoked by HTTP POST method.
>>
>> Cheers,
>> Sonny

------------------------------------------------------------------------------
Ridiculously easy VDI. With Citrix VDI-in-a-Box, you don't need a complex
infrastructure or vast IT resources to deliver seamless, secure access to
virtual desktops. With this all-in-one solution, easily deploy virtual
desktops for less than the cost of PCs and save 60% on VDI infrastructure
costs. Try it free! http://p.sf.net/sfu/Citrix-VDIinabox
_______________________________________________
Stripes-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/stripes-users
Reply | Threaded
Open this post in threaded view
|

Re: Restricting action invocation by HTTP method

Adam Stokar
An annotation that you could apply to both an ActionClass and a method within an Action class would be the easiest to use in my opinion.  And yes, this should be included as stripes core functionality.

On Thu, Dec 29, 2011 at 10:50 AM, Sonny Gill <[hidden email]> wrote:
Thanks, guys.

I agree it is easily done with an Interceptor.
But I suspect this is a commonly used feature, and you pretty much need it to do HTTP right. I hope this gets included in Stripes core or in one of the other common Stripes libraries.

Cheers,
Sonny



On Thu, Dec 29, 2011 at 3:18 PM, Janne Jalkanen <[hidden email]> wrote:

Since this is probably like a common thing that most of us have to do at some point, would it be possible to have it as a feature on Stripes directly?

Would be glad to contribute a patch if someone specs how it should look-n-work.

/Janne

On Dec 29, 2011, at 15:57 , Mike McNally wrote:

> In my application I have an Intercept that checks, among other things,
> for an annotation (@ForMethod("post")) on the action bean or event
> method.  (The annotation is one I wrote and not part of Stripes.)
>
> On Thu, Dec 29, 2011 at 7:34 AM, Sonny Gill <[hidden email]> wrote:
>> Hi guys,
>>
>> What is the Stripes approach to restricting action invocation by HTTP
>> method?
>> For example, if I want to restrict my ItemEdit or ItemDelete action to only
>> be invoked by HTTP POST method.
>>
>> Cheers,
>> Sonny

------------------------------------------------------------------------------
Ridiculously easy VDI. With Citrix VDI-in-a-Box, you don't need a complex
infrastructure or vast IT resources to deliver seamless, secure access to
virtual desktops. With this all-in-one solution, easily deploy virtual
desktops for less than the cost of PCs and save 60% on VDI infrastructure
costs. Try it free! http://p.sf.net/sfu/Citrix-VDIinabox
_______________________________________________
Stripes-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/stripes-users



------------------------------------------------------------------------------
Ridiculously easy VDI. With Citrix VDI-in-a-Box, you don't need a complex
infrastructure or vast IT resources to deliver seamless, secure access to
virtual desktops. With this all-in-one solution, easily deploy virtual
desktops for less than the cost of PCs and save 60% on VDI infrastructure
costs. Try it free! http://p.sf.net/sfu/Citrix-VDIinabox
_______________________________________________
Stripes-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/stripes-users