[jboss-user] [JBoss Seam] - Re: Securing components

rapowder do-not-reply at jboss.com
Tue Jul 3 05:08:12 EDT 2007

Something else: if I call the method addRole() after id.authenticate() the role is actually added, but when I load the pages where I actually want to check if the user is ADMIN (see first post when i call delete()) the method still returns false.

Some additional info: I declared the authenticator method in components.xml as follows:

<security:identity authenticate-method="#{login.authenticate}"/>

and pages.xml looks like follows:

  | <pages login-view-id="/auth_login.xhtml">
  | ...
  |       <page view-id="/mypage.xhtml" no-conversation-view-id="/auth_login.xhtml" login-required="true">
  |            ...
  |       </page>
  | ...
  | </pages>

I noticed that if I don't call the authenticate() method manually from the login page (see first post) it is never called and any page that I try to render redirects me to the login page. Shouldn't the authenticate method be called automatically?

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4059835#4059835

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4059835

More information about the jboss-user mailing list