[forge-dev] Spring Security

Tejas Mehta tmehta at redhat.com
Mon Feb 25 09:58:03 EST 2013


I have been working on expanding the plugin-spring-mvc to include Spring Security as an add-on. However, more I work with Spring Security more I realize that it doesn't really need anything from the original spring-mvc plugin. Therefore, I am proposing to create a separate plugin for Spring Security.

Now, to test the whether this plugin would be viable with other scaffolding plugins, I have been testing with the default JSF scaffolding. It works well for most part, i.e. it intercepts create/edit/delete urls and forces user authentication. The problem happens when the user is authenticated and the browser is redirected to the original link. For example, when creating a Person, after authentication, I get an error along the lines: value="#{personBean.person.name}": Target Unreachable, 'person' returned null (full stack trace: http://pastebin.com/UNqX2vYT). 

This is my first real venture into JSF so I am not sure how to go about fixing it, I suspect the problem is in how spring's lifecycles work compared to jsf's. If this issue (and other unknown ones) can be fixed, I think Spring Security can be its own plugin and used with any scaffolding.

Tejas M.

More information about the forge-dev mailing list