RichFaces + Acegi

akakunin Oct 31, 2007 2:41 PM

Hello, all!
We are using RichFaces in SpringFramework based Application, used Acegi Security framework for authentication/authorization.

In Acegi we should specify the map of resources with roles, allowed to access them. Of course, for all a4j & richfaces based resources we should allow anonymous access (to be able to use scripts, css and other staff from a4j even if user is not logged in).

In prevous version, then all resources of a4j was placed in one folder - it was very easy to do - we just created one common rule like:

/a4j.res/**=ROLE_ANONYMOUS,ROLE_EMFORGEUSER

Now - we should create a set of rules like:

/a4j_3_1_2.gaorg/**=ROLE_ANONYMOUS,ROLE_EMFORGEUSER
/a4j_3_1_2.gascripts/**=ROLE_ANONYMOUS,ROLE_EMFORGEUSER
/a4j_3_1_2.gacss/**=ROLE_ANONYMOUS,ROLE_EMFORGEUSER
/a4j_3_1_2.gaorg.richfaces.renderkit.html.gradienta/**=ROLE_ANONYMOUS,ROLE_EMFORGEUSER
/a4j_3_1_2.gaimages/**=ROLE_ANONYMOUS,ROLE_EMFORGEUSER
/a4j_3_1_2.gaorg.richfaces.renderkit.html.images.dotseparatorimage/**=ROLE_ANONYMOUS,ROLE_EMFORGEUSER

And always fount new resources we should add.

I understand - that this question related not only to richfaces - but to acegi - but probably somebody here already found the way to specify some one rule for all a4j resources?

1. Re: RichFaces + Acegi

steven.whatmore Nov 16, 2007 1:50 PM (in response to akakunin)
It is still fairly easy to do this with the ACEGI framework since it supports something along the lines of

/a4j*/**=ROLE_USER,ROLE_SYSTEM_ADMINISTRATOR,ROLE_ADMINISTRATOR,ROLE_ANONYMOUS

Where the /a4j*/** is the regex (I believe) expression for all the a4j folders.

I hope this helps.

Whattyy
Actions