[jboss-user] [JBoss Seam] - JSF EL Resolver and Security ACL Issues

js8523 do-not-reply at jboss.com
Fri Jul 21 18:43:09 EDT 2006

Dear All 


I am trying to create a user, role, where each role can have any combination of a predefined set of privileges (viewCustomers, viewReservations, cancelReservation, etc), these privileges are given to the role at runtime.


I am trying to use this privilege system to limit what is visible on my web app. 

What I would like to do is 
<h:div rendered="#{hasPrivilege["viewCustomers"]}" > 

I have seen that Gavin has set up something similar ish with isUserInRole, but this only accesses the servlet context, not any seam specific context (I would like to inject #{currentUser} into my JSF EL handler to get the current user principal and check that this user has the correct privileges (which is slightly more fine grained than the users role).

I have seen Jacob Hookum's post 

but I cannot see how to plug a Custom EL Resolver into Seam context, or if it is possible to write such a custom EL resolver. 

If anybody has any ideas please could they share them, 

many thanks, 


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3960055#3960055

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3960055

More information about the jboss-user mailing list