-
30. Re: Invitation to try new Seam authentication features
m79 Jan 17, 2007 9:37 PM (in response to shane.bryzak)I'm a beginner in Seam and i'm trying to implement authenticatication but I have no idea how? I've read http://wiki.jboss.org/wiki/Wiki.jsp?page=SeamAuthenticationGuide
but I dont understan much of it...
can somebody help? somebody have a tutorial? or a how to do it step by step?
I will really appreciate your help.. -
31. Re: Invitation to try new Seam authentication features
shane.bryzak Jan 17, 2007 11:58 PM (in response to shane.bryzak)The information on the wiki page is redundant now. The new Seam security API is due to be released next week, or if you want to try it now you can check out the latest version from CVS. The documentation is still being written, but there is more than enough information there to get authentication set up. Plus you can look at the seamspace example to see how the security API is used.
-
32. Re: Invitation to try new Seam authentication features
vladimir.kovalyuk Jan 18, 2007 5:31 AM (in response to shane.bryzak)I've tried it out. It works.
But it requires some effort for working out an approach of returning the user to the requested page after he successfully logged in.
Is it planned for seamspace example?
Shane, I'm looking forward for that release. Especially for authorization based on Rules. -
33. Re: Invitation to try new Seam authentication features
lundegaard Jan 18, 2007 6:01 AM (in response to shane.bryzak)Is it possible to check authorization before RESTORE_VIEW?
I had some problems, since without an authenticated user the @In attribute threw an exception.
And I don't want to have 404s for unauthorized users, when there isn't an existing file for the requested view.
Regards,
Thomas -
34. Re: Invitation to try new Seam authentication features
shane.bryzak Jan 18, 2007 7:04 AM (in response to shane.bryzak)"vladimir.kovalyuk" wrote:
But it requires some effort for working out an approach of returning the user to the requested page after he successfully logged in.
Is it planned for seamspace example?
This feature unfortunately won't be in the initial release. It's quite a tricky thing to implement, because there's a number of scenarios that need to be dealt with. It's definitely planned though. -
35. Re: Invitation to try new Seam authentication features
shane.bryzak Jan 18, 2007 7:06 AM (in response to shane.bryzak)"Lundegaard" wrote:
Is it possible to check authorization before RESTORE_VIEW?
I had some problems, since without an authenticated user the @In attribute threw an exception.
And I don't want to have 404s for unauthorized users, when there isn't an existing file for the requested view.
What are you trying to inject with @In? -
36. Re: Invitation to try new Seam authentication features
lundegaard Jan 18, 2007 9:57 AM (in response to shane.bryzak)
Is it possible to check authorization before RESTORE_VIEW?
I had some problems, since without an authenticated user the @In attribute threw an exception.
And I don't want to have 404s for unauthorized users, when there isn't an existing file for the requested view.
What are you trying to inject with @In?
A class similar to org.jboss.seam.example.seamspace.LoginAction from where I get my authenticated user. Of course I solved the problem with @In(create=true), but nevertheless I think, it would be more consistent, if a non-authorized user had no access to resources with a security-constraint.
I just expected that unauthorized users won't get access to any existing or not-existing resource and so no bijection will occur for these resources.
Regards,
Thomas