[jboss-user] [JBoss Seam] - Re: Securing components
rapowder
do-not-reply at jboss.com
Tue Jul 3 05:08:12 EDT 2007
Something else: if I call the method addRole() after id.authenticate() the role is actually added, but when I load the pages where I actually want to check if the user is ADMIN (see first post when i call delete()) the method still returns false.
Some additional info: I declared the authenticator method in components.xml as follows:
<security:identity authenticate-method="#{login.authenticate}"/>
and pages.xml looks like follows:
| <pages login-view-id="/auth_login.xhtml">
| ...
| <page view-id="/mypage.xhtml" no-conversation-view-id="/auth_login.xhtml" login-required="true">
| ...
| </page>
| ...
| </pages>
|
I noticed that if I don't call the authenticate() method manually from the login page (see first post) it is never called and any page that I try to render redirects me to the login page. Shouldn't the authenticate method be called automatically?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4059835#4059835
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4059835
More information about the jboss-user
mailing list