[jboss-user] [JBoss Seam] - Help about permissions with seam-security
gaboo
do-not-reply at jboss.com
Sat Feb 3 22:20:05 EST 2007
Hello !
I'm trying the latest seam with seam-security.
Using roles is pretty easy, but I haven't managed using permissions yet.
It's really hard to write rules when you're new to JBoss Rules.
How can I debug my rules ?
I know they does not work. Is there a jboss rules "verbose+debug" mode, which could help writing, underderstanding and debuging seam-security rules ?
I also added some restrictions to pages.xml.
No way either to verify it's correct as I have no feedback.
I have this in pages.xml
| <page view-id="/userList.xhtml">
| <restrict/>
| </page>
| <page view-id="/userList.*">
| <restrict/>
| </page>
And this in my rules file :
package Permissions;
|
| import java.security.Principal;
|
| import org.jboss.seam.security.PermissionCheck;
| import org.jboss.seam.security.Role;
|
| rule CanUserViewUserList
| when
| c: PermissionCheck(page : name, name == "/userList.xhtml", action == "render")
| Role(name == "admin")
| then
| System.out.println("test : " + page);
| c.grant();
| end;
And a potential bug I think : in seamspace example, if you are not logged in and try to access
http://localhost:8080/seam-space/comment.xhtml
It works but the file is downloaded (usgin firefox).
If you go to http://localhost:8080/seam-space/comment.seam : you indeed get a org.jboss.seam.security.NotLoggedInException.
Thank you !
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4010631#4010631
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4010631
More information about the jboss-user
mailing list