Using MethodContext var in @Restrict no longer works.
-----------------------------------------------------
Key: JBSEAM-4725
URL:
https://jira.jboss.org/browse/JBSEAM-4725
Project: Seam
Issue Type: Bug
Components: Security
Affects Versions: 2.2.0.GA
Reporter: Chris Rudd
Priority: Minor
A feature was added to 1.3.0.ALPHA (JBSEAM-1544) that resulted in the ability to access
information about the current component that the @Restrict was applying to via :
@Restrict("#{s:hasPermission(org.jboss.seam.component.name,
org.jboss.seam.method.name, org.jboss.seam.this.instance)}")
This worked great.
In 2.2.0.GA the SecurityInterceptor is no a CLIENT interceptor so the
MethodContextInterceptor (wile listing its to be around it) cannot run around it, as it is
a SERVER interceptor.
Is there a reason (that i'm obviously missing) that the SecurityInterceptor should be
CLIENT rather than SERVER?
Would it be a better solution to have the SecurityInterceptor expose information into
about the target, etc rather than rely on the MethodContextInterceptor?
Or should there be a ClientMethodContextInterceptor and a ServerMethodContextInterceptor
?
--
This message is automatically generated by JIRA.
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira