[seam-issues] [JBoss JIRA] (SEAMFACES-243) ViewConfig not working unless <f:metadata> specified on page

Andries Ehlers (JIRA) jira-events at lists.jboss.org
Tue Apr 3 09:02:47 EDT 2012 

Andries Ehlers created SEAMFACES-243:
----------------------------------------

             Summary: ViewConfig not working unless <f:metadata> specified on page
                 Key: SEAMFACES-243
                 URL: https://issues.jboss.org/browse/SEAMFACES-243
             Project: Seam Faces
          Issue Type: Bug
          Components: View Configuration
    Affects Versions: 3.1.0.Final
         Environment: Kubuntu Linux
            Reporter: Andries Ehlers


I created a custom SecurityBindingType as follows

{code:title=ActiveUser.java|borderStyle=solid}
@SecurityBindingType
@Retention(RetentionPolicy.RUNTIME)
@Target({ElementType.FIELD, ElementType.TYPE, ElementType.METHOD})
@Documented
public @interface ActiveUser {
}
{code}

with the following authentication method:
{code:title=SecurityRestrictions.java|borderStyle=solid}
  @Secures
  @ActiveUser
  public boolean isActiveUser(Identity identity) {
    // always returns false just to test that security works...
    return false;
  }
{code}

I then use this type in the following file which is annotated with @ViewConfig
{code:title=Bar.java|borderStyle=solid}

@ViewConfig
public interface Pages {
    static enum Pages1 {
        @ViewPattern("/pages/secured/profile/*")
        @LoginView("/pages/public/login.xhtml?faces-redirect=true")
        @AccessDeniedView("/pages/secured/home/home.xhtml?faces-redirect=true")
        @FacesRedirect
        @LoggedIn
        @ActiveUser
        SECURED_PROFILE;
   }
}
{code}

In the profile folder is a file called UserProfile.xhtml, as follows:
{code:xml}
<ui:composition xmlns="http://www.w3.org/1999/xhtml"
	xmlns:h="http://java.sun.com/jsf/html"
	xmlns:f="http://java.sun.com/jsf/core"
	xmlns:ui="http://java.sun.com/jsf/facelets"
	xmlns:forgeview="http://jboss.org/forge/view"
	xmlns:c="http://java.sun.com/jsp/jstl/core"
	xmlns:a4j="http://richfaces.org/a4j"
	xmlns:s="http://jboss.org/seam/faces"
	xmlns:p="http://primefaces.org/ui"
	template="/resources/template/master_template.xhtml">
	
	<ui:define name="content">

	  CONTENT HERE
        </ui:define>

</ui:composition>
{code}
		
When running the application, the security for the @LoggedIn seems to work, but security for the @ActiveUser does not work at all.
However, when I include the following code above the <ui:define...> tag in the profile page above, it suddenly works (any viewParam makes security magically work - why??).

{code:xml}
<f:metadata>
  <f:viewParam name="i_have_no_idea_why_i_should_put_this_here_param" value="" />
</f:metadata>
{code}


--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the seam-issues mailing list