Seam Security: authentication and authorization example want

vladimir.kovalyuk Jan 15, 2007 3:36 PM

I downloaded the latest Seam Build and tried to incorporate Seam Security as it's explained in Chapter 21.
I didn't manage to make security filter work.

Probably a simple example would help.

1. Re: Seam Security: authentication and authorization example

js8523 Jan 15, 2007 3:49 PM (in response to vladimir.kovalyuk)

Try the seamspace example (from CVS Seam project).
Actions
2. Re: Seam Security: authentication and authorization example

vladimir.kovalyuk Jan 16, 2007 7:37 AM (in response to vladimir.kovalyuk)
While debugging the configuration from the documentation

<security-config> <security-constraint> <web-resource-collection> <web-resource-name>Secure Page</web-resource-name> <url-pattern>/secure/*.seam</url-pattern> </web-resource-collection> <auth-constraint> <role-name>admin</role-name> </auth-constraint> </security-constraint> </security-config>

I realized that the problem is in SecurityConstraint.matchPattern(String path, String pattern)

I replaced
<url-pattern>/secure/*.seam</url-pattern>
with
<url-pattern>/secure/*</url-pattern>

It helps.
I believe it's a bug.
Actions
3. Re: Seam Security: authentication and authorization example

shane.bryzak Jan 16, 2007 8:10 AM (in response to vladimir.kovalyuk)
Actually the docs were wrong, I've fixed it now. Wildcards can only be used at the start of the url-pattern, e.g:

<url-pattern>*.seam</url-pattern>

or at the end:

<url-pattern>/secure/*</url-pattern>
Actions

Go to original post