8:58 a.m.
Hi,
I have been working on expanding the plugin-spring-mvc to include Spring Security as an
add-on. However, more I work with Spring Security more I realize that it doesn't
really need anything from the original spring-mvc plugin. Therefore, I am proposing to
create a separate plugin for Spring Security.
Now, to test the whether this plugin would be viable with other scaffolding plugins, I
have been testing with the default JSF scaffolding. It works well for most part, i.e. it
intercepts create/edit/delete urls and forces user authentication. The problem happens
when the user is authenticated and the browser is redirected to the original link. For
example, when creating a Person, after authentication, I get an error along the lines:
value="#{personBean.person.name}": Target Unreachable, 'person' returned
null (full stack trace: http://pastebin.com/UNqX2vYT).
This is my first real venture into JSF so I am not sure how to go about fixing it, I
suspect the problem is in how spring's lifecycles work compared to jsf's. If this
issue (and other unknown ones) can be fixed, I think Spring Security can be its own plugin
and used with any scaffolding.
Tejas M.
4:15 p.m.
I'm not really too familiar with the JSF scaffold, but it probably has
something to do with the conversation ID being lost.
On Mon, Feb 25, 2013 at 9:58 AM, Tejas Mehta <tmehta(a)redhat.com> wrote:
Hi,
I have been working on expanding the plugin-spring-mvc to include Spring
Security as an add-on. However, more I work with Spring Security more I
realize that it doesn't really need anything from the original spring-mvc
plugin. Therefore, I am proposing to create a separate plugin for Spring
Security.
Now, to test the whether this plugin would be viable with other
scaffolding plugins, I have been testing with the default JSF scaffolding.
It works well for most part, i.e. it intercepts create/edit/delete urls and
forces user authentication. The problem happens when the user is
authenticated and the browser is redirected to the original link. For
example, when creating a Person, after authentication, I get an error along
the lines: value="#{personBean.person.name}": Target Unreachable,
'person' returned null (full stack trace: http://pastebin.com/UNqX2vYT).
This is my first real venture into JSF so I am not sure how to go about
fixing it, I suspect the problem is in how spring's lifecycles work
compared to jsf's. If this issue (and other unknown ones) can be fixed, I
think Spring Security can be its own plugin and used with any scaffolding.
Tejas M.
_______________________________________________
forge-dev mailing list
forge-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/forge-dev
--
Lincoln Baxter, III
http://ocpsoft.org
"Simpler is better."
5:20 p.m.
Yes I think you are right. After digging a little deeper, I found that while the original
request by backing bean is of the form: create.xhtml?faces-redirect=true, but once spring
authenticities and redirects, the ?faces-redirect=true part seems to be lost. I am also
not too familiar with JSF but I am guessing that this the reason things like <f:event
type="preRenderView" ... /> don't work after this happens.
Now the only solution I could come up with was to create customRedirectStrategy which adds
this faces-redirect=true, and registers it in the spring security configuration. This
doesn't feel very elegant, especially since it requires adding an extra java source
file to the project. So, let me know if there is a better approach to this or if I am
missing something.
Tejas M.
----- Original Message -----
From: "Lincoln Baxter, III" <lincolnbaxter(a)gmail.com>
To: "forge-dev List" <forge-dev(a)lists.jboss.org>
Sent: Tuesday, 26 February, 2013 5:15:48 PM
Subject: Re: [forge-dev] Spring Security
I'm not really too familiar with the JSF scaffold, but it probably has something to do
with the conversation ID being lost.
On Mon, Feb 25, 2013 at 9:58 AM, Tejas Mehta < tmehta(a)redhat.com > wrote:
Hi,
I have been working on expanding the plugin-spring-mvc to include Spring Security as an
add-on. However, more I work with Spring Security more I realize that it doesn't
really need anything from the original spring-mvc plugin. Therefore, I am proposing to
create a separate plugin for Spring Security.
Now, to test the whether this plugin would be viable with other scaffolding plugins, I
have been testing with the default JSF scaffolding. It works well for most part, i.e. it
intercepts create/edit/delete urls and forces user authentication. The problem happens
when the user is authenticated and the browser is redirected to the original link. For
example, when creating a Person, after authentication, I get an error along the lines:
value="#{ personBean.person.name }": Target Unreachable, 'person'
returned null (full stack trace: http://pastebin.com/UNqX2vYT ).
This is my first real venture into JSF so I am not sure how to go about fixing it, I
suspect the problem is in how spring's lifecycles work compared to jsf's. If this
issue (and other unknown ones) can be fixed, I think Spring Security can be its own plugin
and used with any scaffolding.
Tejas M.
_______________________________________________
forge-dev mailing list
forge-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/forge-dev
--
Lincoln Baxter, III
http://ocpsoft.org
"Simpler is better."
_______________________________________________
forge-dev mailing list
forge-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/forge-dev
6:06 p.m.
Not sure if there's a better approach. You would likely need to do
something similar anyway.
On Wed, Feb 27, 2013 at 6:20 PM, Tejas Mehta <tmehta(a)redhat.com> wrote:
Yes I think you are right. After digging a little deeper, I found
that
while the original request by backing bean is of the form:
create.xhtml?faces-redirect=true, but once spring authenticities and
redirects, the ?faces-redirect=true part seems to be lost. I am also not
too familiar with JSF but I am guessing that this the reason things like
<f:event type="preRenderView" ... /> don't work after this happens.
Now the only solution I could come up with was to create
customRedirectStrategy which adds this faces-redirect=true, and registers
it in the spring security configuration. This doesn't feel very elegant,
especially since it requires adding an extra java source file to the
project. So, let me know if there is a better approach to this or if I am
missing something.
Tejas M.
----- Original Message -----
From: "Lincoln Baxter, III" <lincolnbaxter(a)gmail.com>
To: "forge-dev List" <forge-dev(a)lists.jboss.org>
Sent: Tuesday, 26 February, 2013 5:15:48 PM
Subject: Re: [forge-dev] Spring Security
I'm not really too familiar with the JSF scaffold, but it probably has
something to do with the conversation ID being lost.
On Mon, Feb 25, 2013 at 9:58 AM, Tejas Mehta < tmehta(a)redhat.com > wrote:
Hi,
I have been working on expanding the plugin-spring-mvc to include Spring
Security as an add-on. However, more I work with Spring Security more I
realize that it doesn't really need anything from the original spring-mvc
plugin. Therefore, I am proposing to create a separate plugin for Spring
Security.
Now, to test the whether this plugin would be viable with other
scaffolding plugins, I have been testing with the default JSF scaffolding.
It works well for most part, i.e. it intercepts create/edit/delete urls and
forces user authentication. The problem happens when the user is
authenticated and the browser is redirected to the original link. For
example, when creating a Person, after authentication, I get an error along
the lines: value="#{ personBean.person.name }": Target Unreachable,
'person' returned null (full stack trace: http://pastebin.com/UNqX2vYT ).
This is my first real venture into JSF so I am not sure how to go about
fixing it, I suspect the problem is in how spring's lifecycles work
compared to jsf's. If this issue (and other unknown ones) can be fixed, I
think Spring Security can be its own plugin and used with any scaffolding.
Tejas M.
_______________________________________________
forge-dev mailing list
forge-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/forge-dev
--
Lincoln Baxter, III
http://ocpsoft.org
"Simpler is better."
_______________________________________________
forge-dev mailing list
forge-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/forge-dev
_______________________________________________
forge-dev mailing list
forge-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/forge-dev
--
Lincoln Baxter, III
http://ocpsoft.org
"Simpler is better."
4284
days inactive
4287
days old
3 comments
2 participants
participants (2)
-
Lincoln Baxter, III -
Tejas Mehta