[jbossseam-issues] [JBoss JIRA] Assigned: (JBSEAM-888) Various security/login-related issues

Shane Bryzak (JIRA) jira-events at lists.jboss.org
Fri Mar 9 02:39:27 EST 2007

     [ http://jira.jboss.com/jira/browse/JBSEAM-888?page=all ]

Shane Bryzak reassigned JBSEAM-888:

    Assignee: Shane Bryzak

> Various security/login-related issues
> -------------------------------------
>                 Key: JBSEAM-888
>                 URL: http://jira.jboss.com/jira/browse/JBSEAM-888
>             Project: JBoss Seam
>          Issue Type: Bug
>          Components: Security
>            Reporter: Christian Bauer
>         Assigned To: Shane Bryzak
>            Priority: Minor
>             Fix For: 1.2.1.GA
> Various issues I found while using the new security stuff:
> 1. NPE in RuleBasedIdentity, line 155: getSecurityContext().assertObject(new Role(role)); if the security-rules.drl can't be found.
> 2. Do we need to call modify(c) on the RHS after c.grant() or not? The 12.5.3 example doesn't have it.
> 3. The copy/pasted seamspace example in the "Securing Entities" section is very cryptic. Please don't use variable names such as "nm" and "mbr" in examples. Good documentation also means that every code snippet is explained after the code block.
> 4. The exception handling doesn't allow me to simply re-render the page, I need to do a redirect. I don't want this if my default page template has a login box always present (so I don't need login.xhtml) and if my default template can show global faces messages ("You don't have permission to do this"). In fact, the whole redirect/captureView stuff conflicts with my application because I'm already using it to keep my own navigation history. I can't use it to redirect/return from and to some login page.
> Example of the last issue: User browses documents, clicks on EDIT, is redirected to the Login page, is redirected to the EDIT page. Now I've lost my history and can't redirect the user back to browsing the document when he exists the EDIT page.

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


More information about the seam-issues mailing list