[jboss-cvs] jboss-seam/src/main/org/jboss/seam/security/filter ...
Shane Bryzak
Shane_Bryzak at symantec.com
Fri Dec 15 08:36:44 EST 2006
User: sbryzak2
Date: 06/12/15 08:36:44
Modified: src/main/org/jboss/seam/security/filter
SeamSecurityFilter.java
Log:
some bug fixes, updates to security example
Revision Changes Path
1.14 +9 -4 jboss-seam/src/main/org/jboss/seam/security/filter/SeamSecurityFilter.java
(In the diff below, changes in quantity of whitespace are not shown.)
Index: SeamSecurityFilter.java
===================================================================
RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/filter/SeamSecurityFilter.java,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -b -r1.13 -r1.14
--- SeamSecurityFilter.java 15 Dec 2006 04:13:17 -0000 1.13
+++ SeamSecurityFilter.java 15 Dec 2006 13:36:44 -0000 1.14
@@ -21,6 +21,7 @@
import org.jboss.seam.security.Identity;
import org.jboss.seam.security.config.SecurityConfiguration;
import org.jboss.seam.security.config.SecurityConstraint;
+import javax.servlet.ServletContext;
/**
* A servlet filter that performs authentication within a Seam application.
@@ -33,10 +34,13 @@
private SecurityConfiguration config;
+ private ServletContext servletContext;
+
public void init(FilterConfig filterConfig)
throws ServletException
{
- WebApplicationContext ctx = new WebApplicationContext(filterConfig.getServletContext());
+ servletContext = filterConfig.getServletContext();
+ WebApplicationContext ctx = new WebApplicationContext(servletContext);
config = (SecurityConfiguration) ctx.get(SecurityConfiguration.class);
}
@@ -61,8 +65,9 @@
Identity ident = (Identity)sessionContext.get(Seam.getComponentName(Identity.class));
/** @todo Make the redirection configurable */
- if (!checkSecurityConstraints(hRequest.getRequestURI(), hRequest.getMethod(), ident))
- hResponse.sendRedirect("/securityError.seam");
+ if (!checkSecurityConstraints(hRequest.getServletPath(), hRequest.getMethod(), ident))
+ hResponse.sendRedirect(String.format("%s%s", hRequest.getContextPath(),
+ config.getSecurityErrorPage()));
chain.doFilter(request, response);
}
@@ -82,7 +87,7 @@
{
if (c.included(uri, method))
{
- if (!userHasRole(ident, c.getAuthConstraint().getRoles()))
+ if (ident == null || !userHasRole(ident, c.getAuthConstraint().getRoles()))
return false;
}
}
More information about the jboss-cvs-commits
mailing list