[jboss-user] [JBoss Seam] - Re: Exception for authorization attempt
henrik.lindberg
do-not-reply at jboss.com
Sun Feb 4 12:13:27 EST 2007
I tried it - does not work for me. Is it supposed to work for 1.1.5.GA, or does this depends on things only in CVS?
This is what I have done
In security.drl
| canUserRenderSettings
| no-loop
| activation-group "permissions"
| when
| c: PermissionCheck(name == "/settings.xhtml" || "settings", action == "render", granted == false)
| then
| c.grant();
| modify(c);
| end;
|
I.e. a very lean rule, the user only has to be logged in. I added || "settings" because I wanted to try to check permission explicetly and use "settings" as the tag - have not tried that yet though.
I added the "no-loop", and "activation-group" from the example in CVS. Also added the "modify(c)" at the end. Don't know what they are supposed to do, but I can guess.
Then in pages.xml I have the two exception declarations:
| <!-- When NotLoggedInException occurs - redirect to login -->
| <exception class="org.jboss.seam.security.NotLoggedInException">
| <redirect view-id="/login.xhtml">
| <faces-message>You must be a member to use this feature</faces-message>
| </redirect>
| <end-conversation/>
| </exception>
|
| <!-- When AuthorizationException occurs - redirect to error page -->
| <exception class="org.jboss.seam.security.AuthorizationException">
| <redirect view-id="/security_error.xhtml">
| <faces-message>You do not have permission to do this</faces-message>
| </redirect>
| <end-conversation/>
| </exception>
| </pages>
|
(to be continued in the next post...)
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4010910#4010910
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4010910
More information about the jboss-user
mailing list