[jboss-user] [JBoss Seam] - Role enforcement on a RESTful page

Monday, 23 October 2006

I'm still struggling to get my Role based security working.  When protecting an
action, I'm in pretty good shape when the action is called first and then determines
the outcome.

However, I'm having trouble with some pull-style pages.

I can't use my current approach of intercepting the action calls and returning a
different destination (auth failure page).  I can't throw an exception because JSF
just pukes up an error page instead of letting me handle it and hijack the output.

Have any of you had success in controlling access to JSF pages based on roles?  This is a
customer-facing application, so I need to display a kind & gentle error page,
preferably one that indicates which role is needed.

The only thing I can't think of (which I will attempt next) is an outer Facelets
template that checks for the existence of a permission error object (using EL) and
displays and error instead of rendering the normal content.

View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3980145#...

Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[jboss-user] [JBoss Seam] - Role enforcement on a RESTful page