[jboss-cvs] jboss-seam/src/main/org/jboss/seam/security/filter ...

Shane Bryzak Shane_Bryzak at symantec.com
Fri Dec 15 08:36:44 EST 2006 

  User: sbryzak2
  Date: 06/12/15 08:36:44

  Modified:    src/main/org/jboss/seam/security/filter 
                        SeamSecurityFilter.java
  Log:
  some bug fixes, updates to security example
  
  Revision  Changes    Path
  1.14      +9 -4      jboss-seam/src/main/org/jboss/seam/security/filter/SeamSecurityFilter.java
  
  (In the diff below, changes in quantity of whitespace are not shown.)
  
  Index: SeamSecurityFilter.java
  ===================================================================
  RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/filter/SeamSecurityFilter.java,v
  retrieving revision 1.13
  retrieving revision 1.14
  diff -u -b -r1.13 -r1.14
  --- SeamSecurityFilter.java	15 Dec 2006 04:13:17 -0000	1.13
  +++ SeamSecurityFilter.java	15 Dec 2006 13:36:44 -0000	1.14
  @@ -21,6 +21,7 @@
   import org.jboss.seam.security.Identity;
   import org.jboss.seam.security.config.SecurityConfiguration;
   import org.jboss.seam.security.config.SecurityConstraint;
  +import javax.servlet.ServletContext;
   
   /**
    * A servlet filter that performs authentication within a Seam application.
  @@ -33,10 +34,13 @@
   
     private SecurityConfiguration config;
   
  +  private ServletContext servletContext;
  +
     public void init(FilterConfig filterConfig)
         throws ServletException
     {
  -    WebApplicationContext ctx = new WebApplicationContext(filterConfig.getServletContext());
  +    servletContext = filterConfig.getServletContext();
  +    WebApplicationContext ctx = new WebApplicationContext(servletContext);
       config = (SecurityConfiguration) ctx.get(SecurityConfiguration.class);
     }
   
  @@ -61,8 +65,9 @@
       Identity ident = (Identity)sessionContext.get(Seam.getComponentName(Identity.class));
   
       /** @todo Make the redirection configurable */
  -    if (!checkSecurityConstraints(hRequest.getRequestURI(), hRequest.getMethod(), ident))
  -      hResponse.sendRedirect("/securityError.seam");
  +    if (!checkSecurityConstraints(hRequest.getServletPath(), hRequest.getMethod(), ident))
  +      hResponse.sendRedirect(String.format("%s%s", hRequest.getContextPath(),
  +                                           config.getSecurityErrorPage()));
   
       chain.doFilter(request, response);
     }
  @@ -82,7 +87,7 @@
       {
         if (c.included(uri, method))
         {
  -        if (!userHasRole(ident, c.getAuthConstraint().getRoles()))
  +        if (ident == null || !userHasRole(ident, c.getAuthConstraint().getRoles()))
             return false;
         }
       }

More information about the jboss-cvs-commits mailing list