[jbossseam-issues] [JBoss JIRA] Commented: (JBSEAM-3749) login-required should support EL
[
https://jira.jboss.org/jira/browse/JBSEAM-3749?page=com.atlassian.jira.pl...
]
Przemyslaw Jaskierski commented on JBSEAM-3749:
-----------------------------------------------
Shane,
I've tried with restrict but it wasn't suitable solution. But maybe I'm
missing something. I think that you mean something like this (pseudo code):
<page view-id="x">
<restrict>#{identity.loggedIn or
mySessionScopedCookieVerifier.hasUserOurCookieSet}</restrict>
</page>
But AFAIK this would not solve the test case. If user is not logged in and our cookie is
not set he gets AuthorizationException(AccessDeniedException?) from <restrict/> and
gets redirected to "Not enough privileges" error page - instead of being
gracefully redirected to login page to fulfill the identity.loggedIn condition. Putting
this check in login-required would fix this gracefully IMHO. Of course I can miss
something here, it's your code :)
login-required should support EL
--------------------------------
Key: JBSEAM-3749
URL: https://jira.jboss.org/jira/browse/JBSEAM-3749
Project: Seam
Issue Type: Feature Request
Reporter: Przemyslaw Jaskierski
Assignee: Shane Bryzak
Fix For: 2.1.1.CR2
There is a lot of scenarios which are impossible to accomplish without EL support in
login-required attribute. Example: some pages should be freely accessed by recognized
users (users who have e.g. you cookie set in it), but require login or registration from
unrecognized users. Conditional check against e.g. session-scoped bean in login-required
would be clean an elegant way to achieve this. Ok, you can add several intermediate views
and redirect amongst them to achieve this, but it looks ridiculous comparing to clean EL
approach.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira