anonymous wrote : | anonymous wrote : | | Is it possible to check authorization before RESTORE_VIEW? | | | | I had some problems, since without an authenticated user the @In attribute threw an exception. | | And I don't want to have 404s for unauthorized users, when there isn't an existing file for the requested view. | | | What are you trying to inject with @In? | A class similar to org.jboss.seam.example.seamspace.LoginAction from where I get my authenticated user. Of course I solved the problem with @In(create=true), but nevertheless I think, it would be more consistent, if a non-authorized user had no access to resources with a security-constraint. I just expected that unauthorized users won't get access to any existing or not-existing resource and so no bijection will occur for these resources. Regards, Thomas View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4003342#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...