| cobra |
|
| 2008-10-15 |
|
期待Spring bean注入ZK components ! |
|
| Marcos de Sousa |
|
| 2008-10-15 |
|
Great Henri, Always doing big staff. It really is cool. |
|
| Eric |
|
| 2008-10-17 |
|
Big job.
I have a problem.
I do not know how the application jump to he login page when the session time out in zk application. |
|
| Hong |
|
| 2008-10-20 |
|
I should try... |
|
| Alex |
|
| 2008-10-22 |
|
Any idea about how to catch Authentication Errors? Wher I put wrong credentials, I just get a new login page.. |
|
| YADA |
|
| 2008-10-24 |
|
Very cool feature. But. What about internationalization of login page?
As
i can see, it is hard coded. No way to replace English text to whatever
I need. Except rewrite code in zkplus package. Maybe i missed some
point? |
|
| henrichen |
|
| 2008-10-24 |
|
Alex and YADA, The
Ajax-Based login actually popup an ZK window and then "bridge" the
login process back to Spring security's <http> login process. So
you can just change the login form in the <http> configuration
and do whatever you like to do. |
|
| Ian Hayes |
|
| 2008-10-28 |
|
There is a GUI design problem with the security approach you outline.
Showing a user GUI options which they can select but may not be able to action/complete is generally viewed as bad design.
Hence, a better approach is work out in advance what authorization
rights a user has and then change the GUI display to hide the various
options they do not have rights to action. |
|
| Horace |
|
| 2008-11-19 |
|
It's really cool!!
But
I have a problem here. When the user's session time out or rebuild the
application, it doesn't pop up the window but enter a new page. Have
any idea to solve this problem?? |
|
| henrichen |
|
| 2008-11-20 |
|
Horace, When
the session is time out, the ZK desktop is gone, too (desktop is
associated with session). It has to be start from a new page in such
case. /henri |
|
| YADA |
|
| 2008-11-28 |
|
After
some html form based login test, this ajax based login approach seems
to be less useful. In my real secure application the login will be the
next sequnce: Unauthenticated user will go to webpage with plain
http request (most users do this), user clicks on login (or try go to
secure page by some other way).
Springsecurity will always redirect
to a really secure login page with https request, and this will result
in new login page. Almost nobody will go directly to the start page
with https request, just by http. Why https? Login page secured
by http to https redirection when login page needs to show. So plain
text form based login/password parameters never sent on http protocol. Thus the usual login sequnce will result no ajax based login window. |
|
| mtthws |
|
| 2009-03-11 |
|
Can
you put zkspring up on maven? Also is there any good documentation on
what all of the tags that the zkspring xsd offers do and how to use
them any where? |
|
| mtthws |
|
| 2009-03-11 |
|
I found http://docs.zkoss.org/wiki/Spring which looks like it documents a lot of the functionality. I
tried to use the ui-lookup element which is in the xsd on the web
http://www.zkoss.org/2008/zkspring/zkspring.xsd, but does not appear to
be in the xsd in zkspring.jar version 1.1.0. Does the schema on the web
reflect current development of zkspring? |
|
| whg |
|
| 2009-06-05 |
|
cobra,你和我想法一样!怎样在component内用Spring注入bean?
can we inject bean from spring applicationContext.xml to ZK component? |
|
