[jboss-user] [JBoss Seam] - JSF EL Resolver and Security ACL Issues
js8523
do-not-reply at jboss.com
Fri Jul 21 18:43:09 EDT 2006
Dear All
Context:
I am trying to create a user, role, where each role can have any combination of a predefined set of privileges (viewCustomers, viewReservations, cancelReservation, etc), these privileges are given to the role at runtime.
Problem:
I am trying to use this privilege system to limit what is visible on my web app.
What I would like to do is
<h:div rendered="#{hasPrivilege["viewCustomers"]}" >
I have seen that Gavin has set up something similar ish with isUserInRole, but this only accesses the servlet context, not any seam specific context (I would like to inject #{currentUser} into my JSF EL handler to get the current user principal and check that this user has the correct privileges (which is slightly more fine grained than the users role).
I have seen Jacob Hookum's post
http://weblogs.java.net/blog/jhook/archive/2006/03/the_unified_el.html
but I cannot see how to plug a Custom EL Resolver into Seam context, or if it is possible to write such a custom EL resolver.
If anybody has any ideas please could they share them,
many thanks,
James
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3960055#3960055
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3960055
More information about the jboss-user
mailing list