[jboss-user] [JBoss Seam] - Help about permissions with seam-security

gaboo do-not-reply at jboss.com
Sat Feb 3 22:20:05 EST 2007

Hello !

I'm trying the latest seam with seam-security.

Using roles is pretty easy, but I haven't managed using permissions yet.
It's really hard to write rules when you're new to JBoss Rules.

How can I debug my rules ?
I know they does not work. Is there a jboss rules "verbose+debug" mode, which could help writing, underderstanding and debuging seam-security rules ?

I also added some restrictions to pages.xml.
No way either to verify it's correct as I have no feedback.

I have this in pages.xml

  | <page view-id="/userList.xhtml">
  | 	<restrict/>
  | </page>
  | <page view-id="/userList.*">
  | 	<restrict/>
  | </page>

And this in my rules file :
package Permissions;
  | import java.security.Principal;
  | import org.jboss.seam.security.PermissionCheck;
  | import org.jboss.seam.security.Role;
  | rule CanUserViewUserList
  | when
  | 	c: PermissionCheck(page : name, name == "/userList.xhtml", action == "render")
  |        Role(name == "admin")
  | then
  | 	System.out.println("test : " + page);
  | 	c.grant();
  | end;   

And a potential bug I think : in seamspace example, if you are not logged in and try to access 
It works but the file is downloaded (usgin firefox).
If you go to http://localhost:8080/seam-space/comment.seam : you indeed get a org.jboss.seam.security.NotLoggedInException.

Thank you !

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4010631#4010631

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4010631

More information about the jboss-user mailing list