[jboss-user] [JBoss Seam] - Re: Q: Seam Security - <restrict>..</...>
bsmithjj
do-not-reply at jboss.com
Tue Apr 3 09:17:17 EDT 2007
anonymous wrote : If you are not using Identity to authenticate then you need to override Identity.checkRestriction() with your own implementation that doesn't check isLoggedIn().
This is what I suspected - that <restrict\> and @Restrict require the Identity component. And so it sounds like the answer to my original question is - no, you can't just put
<restrict>#{isUserInRole['Admin']}</restrict>
on a page in pages.xml or
@Restrict("#{isUserInRole['Admin']}")
on a class or a method and have it 'just work' as you would expect in Seam. The combination of Identity and and/or @Restrict is an all-or-nothing component.
Thanks
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4034073#4034073
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4034073
More information about the jboss-user
mailing list