[jboss-user] [JBoss Seam] - Security rules for Role in document not working..

Thursday, 5 July 2007

I follow the documentation of Seam 2.0.0.Beta1 to put some security rules to check for
page access permission, but it didn't work the way it documented. If anyone can
explain how Role got created and used in the framework, that would be real helpful.

In security.drl (as documentation explains in security chapter)

  | package Permissions;
  | 
  | import java.security.Principal;
  | import org.jboss.seam.security.PermissionCheck;
  | import org.jboss.seam.security.Role;
  | 
  | rule CanUserCreateAccount
  | when
  | 	c: PermissionCheck(name == "/AccountEdit.xhtml", action ==
"render")
  | 	Role(name == "admin")
  | then
  | 	c.grant();
  | end;
  | 
anyone can explain how Role is asserted in there..

in pages.xml

  | 	<page view-id="/AccountEdit.xhtml">
  | 		<restrict/>
  | 	</page>
  | 

I got the role added to Identity at authenticate() call and go through another rule
working memory with no problem. I see username as "tim as admin" after logged
in.

  | rule AssignUserRole
  | when
  | 	i: Identity(username == "tim")
  | then
  | 	i.addRole("admin");
  | 	i.setUsername("tim as admin");
  | end;
  | 

... and then I check into error stack and find out that Identity.hasPermission(..) always
return false... :( BETA ):

  |    public boolean hasPermission(String name, String action, Object...arg)
  |    {      
  |       return false;
  |    }   
  | 

View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4061059#...

Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[jboss-user] [JBoss Seam] - Security rules for Role in document not working..