Pebble security

Mon, 06 Mar 2006 21:46:26 GMT

Okay, so I said that I'd blog about some of the new Pebble 2.0 features, so let's start with Security. As I said before, Pebble 2.0 makes use of the Acegi Security System for Spring, meaning that Pebble now supports "remember me" functionality. You can see this here on my blog and in the screenshot below (click to see the full size version) - there's an additional checkbox on the login form.

Speaking of the login form, you'll notice that this now appears on all pages so you don't have to explicitly click the "login" link just to get to the login page. Of course, try to access a restricted page when you're not logged in and you'll still be prompted to login as before.

One of the things that always bugged me (a little, anyway) about the current version of Pebble is that, after you login, the admin links take up a fair chunk of screen real estate. Worse, you have to scroll past them all to get to the admin feature that you're trying to use. In Pebble 2.0, the admin links replace the login form once you've logged in. The neat thing about this is that these links are always easily reachable, yet don't take up any of the main content space. Again, you can see this in the following screenshot (click to see the full size version).

The final thing to say about security is that you can now use your regular Pebble login when posting from an XML-RPC blogging client (such as MarsEdit, w.bloggar, etc). This is all thanks to Acegi and a bit of Spring IoC.

Simon Brown - acegi tag

Pebble security