[jboss-user] [JBoss Seam] - Re: Invitation to try new Seam authentication features
Lundegaard
do-not-reply at jboss.com
Thu Jan 18 09:57:02 EST 2007
anonymous wrote :
| anonymous wrote :
| | Is it possible to check authorization before RESTORE_VIEW?
| |
| | I had some problems, since without an authenticated user the @In attribute threw an exception.
| | And I don't want to have 404s for unauthorized users, when there isn't an existing file for the requested view.
| |
| What are you trying to inject with @In?
|
A class similar to org.jboss.seam.example.seamspace.LoginAction from where I get my authenticated user. Of course I solved the problem with @In(create=true), but nevertheless I think, it would be more consistent, if a non-authorized user had no access to resources with a security-constraint.
I just expected that unauthorized users won't get access to any existing or not-existing resource and so no bijection will occur for these resources.
Regards,
Thomas
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4003342#4003342
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4003342
More information about the jboss-user
mailing list