[JBoss Seam] - [seam 2.0.0 CR3] redirect tag and "illegal navigation" messa
by gazadonf
Hi all.
I work with Seam 2.0.0 CR3.
I don't understand the "illegal navigation" message.
I have a simple pageflow definition:
<pageflow-definition
|     name="monPageflow">
|
|     <start-page name="displayActivity" view-id="/SaisieActivite.xhtml" no-conversation-view-id="/index.xhtml">
|         /<redirect/>
|         <transition to="realAsk" name="demandeConges"></transition>
|         <transition name="directHoli" to="askHoliday"></transition>
|     </start-page>
|
|     <page name="askHoliday" view-id="/Holiday.xhtml" no-conversation-view-id="/index.xhtml">
|         <redirect/>
|         <transition to="displayActivity" name="retourConges">
|             <end-conversation/>
|         </transition>
|     </page>
|
|     <page name="listHoliday" view-id="/HolidayList.xhtml" no-conversation-view-id="/index.xhtml">
|         <redirect/>
|         <transition to="displayActivity" name="retourListeConges">
|             <end-conversation/>
|         </transition>
|     </page>
|
|     <decision name="realAsk" expression="#{saisieActiviteList.charac}">
|         <transition to="askHoliday" name="true"></transition>
|         <transition name="false" to="listHoliday"></transition>
|     </decision>
| </pageflow-definition>
and a simple page.xml
| <pages xmlns="http://jboss.com/products/seam/pages"
|     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|     xsi:schemaLocation="http://jboss.com/products/seam/pages http://jboss.com/products/seam/pages-2.0.xsd"
|     login-view-id="/login.xhtml"
|     no-conversation-view-id="/index.xhtml">
|
|     <page view-id="/login.xhtml">
|         <navigation from-action="#{identity.login}">
|             <rule if="#{identity.loggedIn}">
|                 <redirect view-id="/SaisieActivite.xhtml"/>
|             </rule>
|         </navigation>
|     </page>
|     <page view-id="/SaisieActivite.xhtml" login-required="true">
|         <begin-conversation join="true" pageflow="monPageflow"/>
|     </page>
|
|     <page view-id="*">
|         <navigation from-action="#{identity.logout}">
|             <end-conversation/>
|             <redirect view-id="/login.xhtml"></redirect>
|         </navigation>
|     </page>
| </pages>
In the default menu.xhtml layout, there's a logout button, defined as
<s:link view="/login.xhtml" action="#{identity.logout}" value="Logout" rendered="#{identity.loggedIn}"/>
The problem is that if I put the redirect tag in my pageflow, when I click on the logout button, I get an illegal navigation message on my page and I'm not logged out, but if there's no redirect tag in the pageflow, there's no problem logging out.
Can anyone explain where the problem is or where my mistake is?
The problem is the same whether I put no-conversation-view-id="/index.xhtml" or not.
Does the logout navigation have to be described in the pageflow also?
And is the redirect tag absolutely required in the pageflow, as described in the documentation, page 107, § 7.2.3?
Thanks.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4108489#4108489
18 years, 5 months
[JBoss Seam] - Messages with "for" attribute to associate with related form
by xshuang
Good morning all,
The JSF h:messages tag doesn't include information to link messages for form controls (not global messages) with the related form controls. The Seam s:message does so, but it is not suitable for my use.
My goal is to display a list of error messages at the top of the form, which are linked to the form control where the error occurred.
I checked Seam source code and found that the Seam FacesMessages class maintains an internal Map to map form controls to messages. However, Seam does not provide a tag like s:messages to serve this purpose.
And for whatever reason, clientIds stored in JSF FacesContextImpl (can be retrieved using getClientIdsWithMessages()) are not the same as what are on form display. It seems JSF creates two components for each form control, one can be retrieved using getClientIdsWithMessages() and the other is on form display. That might explain why sometimes we got "duplicate ID for a component" error.
Is there a work-around or a solution? Thank you very much for your help.
Best regards,
Sheng
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4108488#4108488
18 years, 5 months
[JBoss Seam] - Re: External Client and Seam Security
by agnadello
Hi again,
Well, I did put a breakpoint at the RootInterceptor.invoke() method and it gets hit.
I've also implemented the manual Identity.login(), even tested with Identity.authenticate().
I've also verified that the @Restrict("#{s:hasRole('user')}") works if I access the method from my JSF after I'm logged in.
Seems like I'm missing something here so I'll give you the whole enchilada!
Here's my Quartz Pojo Job:
| public class SampleJob implements Job {
|
|     private final Logger LOGGER = Logger.getLogger(this.getClass());
|
|     public void execute(final JobExecutionContext theJobExecutionContext)
|             throws JobExecutionException {
|         this.LOGGER.info("Executing job with description: "
|                 + theJobExecutionContext.getJobDetail().getDescription());
|         LoginContext lc = null;
|         try {
|             // Begin Seam session
|             Lifecycle.beginSession(new java.util.HashMap<String, Object>());
|
|             // External client login
|             UsernamePasswordHandler handler = new UsernamePasswordHandler(
|                     "user", "Demo987!");
|             lc = new LoginContext("client-login", handler);
|             lc.login();
|
|             // Lookup EJB
|             final TestSeamSecurityService service = (TestSeamSecurityService) new InitialContext()
|                     .lookup("sio/TestSeamSecurityServiceBean/local");
|
|             // Any calls to secured resources now use the username/password
|             // identity
|             service.login("user", "Demo987!");
|
|             // Should fail because 'user' doesn't have the role 'admin'
|             service.secure();
|
|             // Clear and restore the previous identity
|             service.logout();
|             lc.logout();
|         } catch (Exception e) {
|             e.printStackTrace();
|         } finally {
|             // End Seam session
|             Lifecycle.endSession(new java.util.HashMap<String, Object>());
|         }
|     }
| }
|
And here's my Seam component using the @Restrict annotation (local business interface omitted):
| @Stateful
| @SecurityDomain("sio")
| @Local(TestSeamSecurityService.class)
| @Name("echoService")
| public class TestSeamSecurityServiceBean implements TestSeamSecurityService {
|
|     @Logger
|     private transient Log log;
|
|     @Resource
|     private SessionContext sessionContext;
|
|     @RolesAllowed("user")
|     public void login(final String theUsername, final String thePassword)
|             throws LoginException {
|         this.log.info("Entered 'login' method...");
|         // Seam login
|         Identity.instance().setUsername(theUsername);
|         Identity.instance().setPassword(thePassword);
|         Identity.instance().login();
|         // Identity.instance().authenticate();
|         this.log.info("Exiting 'login' method.");
|         this.status();
|     }
|
|     public void logout() {
|         Identity.instance().logout();
|     }
|
|     @Restrict("#{s:hasRole('admin')}")
|     public void secure() {
|         this.log.info("Entered 'secure' method.");
|         this.status();
|     }
|
|     @Remove
|     @Destroy
|     public void destroy() {
|     }
|
|     private void status() {
|         this.log.info("-=STATUS=-");
|         this.log.info("Caller Principal = #0", this.sessionContext
|                 .getCallerPrincipal());
|         this.log.info("Is Identity Security Enabled = #0", Identity
|                 .isSecurityEnabled());
|         this.log.info("Identity Is Logged In = #0", Identity.instance()
|                 .isLoggedIn());
|         this.log.info("Identity Has Role 'user' = #0", Identity.instance()
|                 .hasRole("user"));
|         this.log.info("Identity Has Role 'admin' = #0", Identity.instance()
|                 .hasRole("admin"));
|     }
|
| }
|
As you can see I've implemented the "standard Java EE security" using @SecurityDomain annotation. The annotation @RolesAllowed works like a charm but not @Restrict.
component.xml
| <?xml version="1.0" encoding="UTF-8"?>
| <components xmlns="http://jboss.com/products/seam/components"
|     xmlns:core="http://jboss.com/products/seam/core"
|     xmlns:persistence="http://jboss.com/products/seam/persistence"
|     xmlns:security="http://jboss.com/products/seam/security"
|     xmlns:drools="http://jboss.com/products/seam/drools"
|     xmlns:async="http://jboss.com/products/seam/async"
|     xmlns:web="http://jboss.com/products/seam/web"
|     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|     xmlns:framework="http://jboss.com/products/seam/framework"
|     xsi:schemaLocation="http://jboss.com/products/seam/core http://jboss.com/products/seam/core-2.0.xsd
|         http://jboss.com/products/seam/persistence http://jboss.com/products/seam/persistence-2.0.xsd
|         http://jboss.com/products/seam/components http://jboss.com/products/seam/components-2.0.xsd
|         http://jboss.com/products/seam/security http://jboss.com/products/seam/security-2.0.xsd
|         http://jboss.com/products/seam/async http://jboss.com/products/seam/async-2.0.xsd
|         http://jboss.com/products/seam/web http://jboss.com/products/seam/web-2.0.xsd
|         http://jboss.com/products/seam/framework http://jboss.com/products/seam/framework-2.0.xsd
|         http://jboss.com/products/seam/drools http://jboss.com/products/seam/drools-2.0.xsd">
|
|     <core:init jndi-pattern="sio/#{ejbName}/local" debug="true"
|         transaction-management-enabled="true" />
|
|     <persistence:managed-persistence-context name="entityManager"
|         auto-create="true"
|         persistence-unit-jndi-name="java:/OracleSioEntityManagerFactory" />
|
|     <core:manager conversation-timeout="600000"
|         concurrent-request-timeout="500" conversation-id-parameter="cid" />
|
|     <!-- Default system JAAS configuration -->
|     <security:identity
|         authenticate-method="#{authenticator.authenticate}"
|         jaas-config-name="sio" />
|
|     <drools:rule-base name="securityRules">
|         <drools:rule-files>
|             <value>/META-INF/security.drl</value>
|         </drools:rule-files>
|     </drools:rule-base>
|
|     <framework:entity-query name="roles" ejbql="select r from Role r" />
|
|     <event type="org.jboss.seam.notLoggedIn">
|         <action execute="#{redirect.captureCurrentView}" />
|     </event>
|
|     <event type="org.jboss.seam.postAuthenticate">
|         <action execute="#{redirect.returnToCapturedView}" />
|     </event>
|
| </components>
|
The Drools rules in security.drl only concern entities that are not part of this problem, so I'm not including it or the orm.xml in this post. If anyone feels the need to see them, just tell me :-)
web.xml
| <?xml version="1.0" encoding="UTF-8"?>
|
| <web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee"
|     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|     xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
|
|     <!-- Initializes Quartz in the application server -->
|
|     <servlet>
|         <servlet-name>QuartzInitializer</servlet-name>
|         <display-name>Quartz Initializer Servlet</display-name>
|         <servlet-class>
|             org.quartz.ee.servlet.QuartzInitializerServlet
|         </servlet-class>
|         <load-on-startup>2</load-on-startup>
|         <init-param>
|             <param-name>shutdown-on-unload</param-name>
|             <param-value>true</param-value>
|         </init-param>
|         <init-param>
|             <param-name>start-scheduler-on-load</param-name>
|             <param-value>true</param-value>
|         </init-param>
|     </servlet>
|
|     <!-- BEGIN: RichFaces -->
|     <context-param>
|         <param-name>org.richfaces.SKIN</param-name>
|         <param-value>DEFAULT</param-value>
|     </context-param>
|
|     <filter>
|         <display-name>RichFaces Filter</display-name>
|         <filter-name>richfaces</filter-name>
|         <filter-class>org.ajax4jsf.Filter</filter-class>
|     </filter>
|
|     <filter-mapping>
|         <filter-name>richfaces</filter-name>
|         <servlet-name>Faces Servlet</servlet-name>
|         <dispatcher>REQUEST</dispatcher>
|         <dispatcher>FORWARD</dispatcher>
|         <dispatcher>INCLUDE</dispatcher>
|     </filter-mapping>
|
|     <!-- END: RichFaces -->
|
|     <!-- Seam -->
|
|     <listener>
|         <listener-class>
|             org.jboss.seam.servlet.SeamListener
|         </listener-class>
|     </listener>
|
|     <servlet>
|         <servlet-name>Seam Resource Servlet</servlet-name>
|         <servlet-class>
|             org.jboss.seam.servlet.ResourceServlet
|         </servlet-class>
|     </servlet>
|
|     <servlet-mapping>
|         <servlet-name>Seam Resource Servlet</servlet-name>
|         <url-pattern>/seam/resource/*</url-pattern>
|     </servlet-mapping>
|
|     <filter>
|         <filter-name>Seam Filter</filter-name>
|         <filter-class>org.jboss.seam.servlet.SeamFilter</filter-class>
|     </filter>
|
|     <filter-mapping>
|         <filter-name>Seam Filter</filter-name>
|         <url-pattern>/*</url-pattern>
|     </filter-mapping>
|
|     <context-param>
|         <param-name>javax.faces.STATE_SAVING_METHOD</param-name>
|         <param-value>client</param-value>
|     </context-param>
|
|     <context-param>
|         <param-name>facelets.DEVELOPMENT</param-name>
|         <param-value>true</param-value>
|     </context-param>
|
|     <context-param>
|         <param-name>javax.faces.DEFAULT_SUFFIX</param-name>
|         <param-value>.xhtml</param-value>
|     </context-param>
|
|     <servlet>
|         <servlet-name>Faces Servlet</servlet-name>
|         <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
|         <load-on-startup>1</load-on-startup>
|     </servlet>
|
|     <!-- Faces Servlet Mapping -->
|
|     <servlet-mapping>
|         <servlet-name>Faces Servlet</servlet-name>
|         <url-pattern>*.seam</url-pattern>
|     </servlet-mapping>
|
| </web-app>
|
ejb-jar.xml
| <?xml version="1.0" encoding="UTF-8"?>
| <ejb-jar xmlns="http://java.sun.com/xml/ns/javaee"
|     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|     xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/ejb-jar_3_0.xsd"
|     version="3.0">
|
|     <interceptors>
|         <interceptor>
|             <interceptor-class>
|                 org.jboss.seam.ejb.SeamInterceptor
|             </interceptor-class>
|         </interceptor>
|     </interceptors>
|
|     <assembly-descriptor>
|         <interceptor-binding>
|             <ejb-name>*</ejb-name>
|             <interceptor-class>
|                 org.jboss.seam.ejb.SeamInterceptor
|             </interceptor-class>
|         </interceptor-binding>
|     </assembly-descriptor>
|
| </ejb-jar>
|
Here's my login-config.xml:
| <?xml version='1.0'?>
| <!DOCTYPE policy PUBLIC
|     "-//JBoss//DTD JBOSS Security Config 3.0//EN"
|     "http://www.jboss.org/j2ee/dtd/security_config.dtd">
|
| <policy>
|
|     <!-- Used by clients within the application server VM such as mbeans and servlets that access EJBs. -->
|     <application-policy name = "client-login">
|         <authentication>
|             <login-module code = "org.jboss.security.ClientLoginModule"
|                 flag = "required">
|                 <!-- Any existing security context will be restored on logout -->
|                 <module-option name="restore-login-identity">true</module-option>
|                 <module-option name="multi-threaded">true</module-option>
|             </login-module>
|         </authentication>
|     </application-policy>
|
|     <!-- Default JBoss stuff omitted -->
|
|     <!-- Security domain for SIO -->
|     <application-policy name = "sio">
|         <authentication>
|             <login-module code = "com.cybercomgroup.security.auth.jboss.SoxDatabaseServerLoginModule" flag = "required">
|                 <module-option name = "dsJndiName">java:/OracleSio</module-option>
|                 <module-option name = "rolesQuery">SELECT role_name, 'Roles' FROM principals JOIN roles ON principals.id = roles.id WHERE principals.username=?</module-option>
|                 <module-option name = "principalsQuery">SELECT Password FROM principals WHERE username=?</module-option>
|             </login-module>
|         </authentication>
|     </application-policy>
|
| </policy>
|
And here the log output from a Quartz job execution:
| 13:41:00,025 INFO [SampleJob] Executing job with description: A sample job doing nothing.
| 13:41:00,025 INFO [Contexts] starting up: org.jboss.seam.web.session
| 13:41:00,025 INFO [Contexts] starting up: org.jboss.seam.security.identity
| 13:41:00,756 INFO [RuleBase] parsing rules: /META-INF/security.drl
| 13:41:05,703 INFO [SoxDatabaseServerLoginModule] started login attempt
| 13:41:06,774 INFO [SoxDatabaseServerLoginModule] principal 'user' is authenticated and active
| 13:41:06,774 INFO [SoxDatabaseServerLoginModule] days since last password change = 65
| 13:41:06,804 INFO [SoxDatabaseServerLoginModule] authentication successful = true
| 13:41:06,894 INFO [TestSeamSecurityServiceBean] Entered 'login' method...
| 13:41:06,894 INFO [SoxDatabaseServerLoginModule] started login attempt
| 13:41:06,945 INFO [SoxDatabaseServerLoginModule] principal 'user' is authenticated and active
| 13:41:06,945 INFO [SoxDatabaseServerLoginModule] days since last password change = 65
| 13:41:06,975 INFO [SoxDatabaseServerLoginModule] authentication successful = true
| 13:41:08,246 INFO [TestSeamSecurityServiceBean] Exiting 'login' method.
| 13:41:08,246 INFO [TestSeamSecurityServiceBean] -=STATUS=-
| 13:41:08,246 INFO [TestSeamSecurityServiceBean] Caller Principal = user
| 13:41:08,246 INFO [TestSeamSecurityServiceBean] Is Identity Security Enabled = true
| 13:41:08,246 INFO [TestSeamSecurityServiceBean] Identity Is Logged In = true
| 13:41:08,246 INFO [TestSeamSecurityServiceBean] Identity Has Role 'user' = true
| 13:41:08,246 INFO [TestSeamSecurityServiceBean] Identity Has Role 'admin' = false
|
| 13:41:08,276 INFO [TestSeamSecurityServiceBean] Entered 'secure' method.
| 13:41:08,276 INFO [TestSeamSecurityServiceBean] -=STATUS=-
| 13:41:08,276 INFO [TestSeamSecurityServiceBean] Caller Principal = user
| 13:41:08,276 INFO [TestSeamSecurityServiceBean] Is Identity Security Enabled = true
| 13:41:08,276 INFO [TestSeamSecurityServiceBean] Identity Is Logged In = false
| 13:41:08,276 INFO [TestSeamSecurityServiceBean] Identity Has Role 'user' = false
| 13:41:08,276 INFO [TestSeamSecurityServiceBean] Identity Has Role 'admin' = false
|
As you can see the Identity is populated with the role 'user' when I perform a "manual" login. But between the calls to method 'login' and then method 'secure' the Identity seems to lose its principal information.
And even worse - the @Restrict annotation doesn't kick in at all. Even though the Identity doesn't seem to get its principals between calls the @Restrict annotation should react to it and throw an exception because the Identity doesn't contain the role required to call 'secure'.
Soon I'll have to implement this myself which sucks :-(
Cheers!
Regards, Andreas
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4108471#4108471
18 years, 5 months
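The discrepancy described in the post above (the EJB caller principal stays `user` while the Seam Identity loses its login, and `secure` is entered without the `admin` role) can be checked mechanically from the log. The following Python check is an added example, not part of the original post or of Seam; it parses the `-=STATUS=-` blocks in the format the post's `status()` method prints. The log lines are copied from the post, and the `REQUIRED_ROLE` map is an assumption transcribed from the `@Restrict` annotation shown there.

```python
import re

# Lines copied from the post's log output (unrelated lines trimmed).
SAMPLE_LOG = """\
13:41:06,894 INFO [TestSeamSecurityServiceBean] Entered 'login' method...
13:41:08,246 INFO [TestSeamSecurityServiceBean] -=STATUS=-
13:41:08,246 INFO [TestSeamSecurityServiceBean] Caller Principal = user
13:41:08,246 INFO [TestSeamSecurityServiceBean] Identity Is Logged In = true
13:41:08,246 INFO [TestSeamSecurityServiceBean] Identity Has Role 'user' = true
13:41:08,246 INFO [TestSeamSecurityServiceBean] Identity Has Role 'admin' = false
13:41:08,276 INFO [TestSeamSecurityServiceBean] Entered 'secure' method.
13:41:08,276 INFO [TestSeamSecurityServiceBean] -=STATUS=-
13:41:08,276 INFO [TestSeamSecurityServiceBean] Caller Principal = user
13:41:08,276 INFO [TestSeamSecurityServiceBean] Identity Is Logged In = false
13:41:08,276 INFO [TestSeamSecurityServiceBean] Identity Has Role 'user' = false
13:41:08,276 INFO [TestSeamSecurityServiceBean] Identity Has Role 'admin' = false
"""

# Assumption: role each method demands, transcribed from @Restrict in the post.
REQUIRED_ROLE = {"secure": "admin"}
LINE = re.compile(r"^(\S+)\s+INFO\s+\[\w+\]\s+(.*)$")
ENTERED = re.compile(r"Entered '(\w+)' method")
ROLE = re.compile(r"Identity Has Role '(\w+)' = (true|false)")

def parse_status_blocks(log):
    """One dict per -=STATUS=- block, tagged with the method that logged it ("| " prefix tolerated)."""
    blocks, method, cur = [], None, None
    for m in filter(None, (LINE.match(l.lstrip("| ").strip()) for l in log.splitlines())):
        ts, msg = m.groups()
        if (e := ENTERED.search(msg)):
            method, cur = e.group(1), None
        elif msg == "-=STATUS=-":
            cur = {"time": ts, "method": method, "principal": None, "logged_in": False, "roles": set()}
            blocks.append(cur)
        elif cur is not None:
            if msg.startswith("Caller Principal = "):
                cur["principal"] = msg.split(" = ", 1)[1]
            elif msg.startswith("Identity Is Logged In = "):
                cur["logged_in"] = msg.endswith("true")
            elif (r := ROLE.search(msg)) and r.group(2) == "true":
                cur["roles"].add(r.group(1))
    return blocks

def find_violations(blocks):
    """Flag restricted methods entered without the role, and identity loss between calls."""
    findings, prev = [], None
    for b in blocks:
        need = REQUIRED_ROLE.get(b["method"])
        if need and need not in b["roles"]:
            findings.append(("restricted-method-entered", b["method"], b["time"]))
        if prev and prev["principal"] == b["principal"] and prev["logged_in"] and not b["logged_in"]:
            findings.append(("identity-lost-between-calls", b["method"], b["time"]))
        prev = b
    return findings
```

Calling `find_violations(parse_status_blocks(SAMPLE_LOG))` reports both conditions for the `secure` call at 13:41:08,276; run against a test job's log, the same check can serve as a regression test that fails whenever a restricted method body executes without the required role.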