[jboss-user] [JBoss Seam] - pages.xml restrict rule does not work in 2.0 GA
samdoyle
do-not-reply at jboss.com
Fri Nov 30 21:45:30 EST 2007
I had this rule by mistake in my pages.xml:
| <page view-id="/notificationAdmin.xhtml" login-required="true">
| <restrict>#{s:hasRole('ultra-user')}</restrict>
| </page>
|
There is no ultra-user role yet I can still access the notificationAdmin. An exception is thrown but I still can access the page.
| org.jboss.seam.security.AuthorizationException: Authorization check failed for expression [#{s:hasRole('ultra-user')}]
| at org.jboss.seam.security.Identity.checkRestriction(Identity.java:227)
| at org.jboss.seam.navigation.Page.checkPermission(Page.java:218)
| at org.jboss.seam.navigation.Page.preRender(Page.java:238)
| at org.jboss.seam.navigation.Pages.preRender(Pages.java:309)
| at org.jboss.seam.jsf.SeamPhaseListener.preRenderPage(SeamPhaseListener.java:544)
| at org.jboss.seam.jsf.SeamPhaseListener.beforeRenderResponse(SeamPhaseListener.java:455)
| at org.jboss.seam.jsf.SeamPhaseListener.beforeServletPhase(SeamPhaseListener.java:146)
| at org.jboss.seam.jsf.SeamPhaseListener.beforePhase(SeamPhaseListener.java:116)
| at com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:222)
| at com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:144)
| at javax.faces.webapp.FacesServlet.service(FacesServlet.java:245)
| at org.apache.catalina.core.ApplicationFilterChain.servletService(ApplicationFilterChain.java:411)
| at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:317)
| at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:198)
| at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:83)
| at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:85)
| at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
| at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:64)
| at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
| at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:44)
| at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
| at org.ajax4jsf.webapp.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:141)
| at org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:281)
| at org.jboss.seam.web.Ajax4jsfFilter.doFilter(Ajax4jsfFilter.java:60)
| at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
| at org.jboss.seam.debug.hot.HotDeployFilter.doFilter(HotDeployFilter.java:68)
| at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
| at org.jboss.seam.servlet.SeamFilter.doFilter(SeamFilter.java:158)
| at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:230)
| at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:198)
| at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:288)
| at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:271)
| at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:202)
| at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
| at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
| at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:94)
| at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:206)
| at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
| at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
| at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
| at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
| at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:150)
| at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
| at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
| at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
| at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
| at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:270)
| at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.invokeAdapter(DefaultProcessorTask.java:637)
| at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.doProcess(DefaultProcessorTask.java:568)
| at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.process(DefaultProcessorTask.java:813)
| at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.executeProcessorTask(DefaultReadTask.java:341)
| at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:263)
| at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:214)
| at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:265)
| at com.sun.enterprise.web.connector.grizzly.ssl.SSLWorkerThread.run(SSLWorkerThread.java:106)
| |#]
|
|
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4109504#4109504
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4109504
More information about the jboss-user
mailing list