3 Replies Latest reply on Mar 1, 2007 6:25 AM by baz

    minor seam security questions

    ask4saif

      Dear fellows,

      I am new to seam security, although i have studied the ref manual but i have few questions. Currently I am using seam 1.1.5 GA.

      Question 1:
      After the authentication of the user if I want to redirect the user to the required page. how can i do that, because the return type of authenticator method is boolean?

      Question 2:
      HOw can I define and load permissions in seam security? I have seen the security rules but i dont know where are the permissions defined.

      Question 3:
      How can I check one component on a page for multiple roles or permissions:

      My DB structure has following tables for security:
      1: Privileges
      2: Roles
      3:RolePrivileges
      4:Customer Roles
      5:Customers


      Thank You.

        • 1. Re: minor seam security questions
          baz

          Hello,
          the security stuff has changed with Seam 1.1.6.
          I would suggest to upgrade to Seam 1.2.0 or at least read the Seam 1.2.0 Documentation (it was enhanced).
          After that, you can ask again if some of your questions remain unclear.
          Sorry, i am not able to help you out with 1.1.5
          I have never managed to get security running with 1.1.5.

          • 2. Re: minor seam security questions
            ask4saif


            Thanx baz for ur reply,

            I am currently studying the ref manual of seam 1.2.0, but still i dont know how to define and check permissions or privileges for one component.

            In my application I have multiple roles and the roles have assigned privileges(permissions). Multiple roles can be assigned to a single user.

            Now I am a little confused how to check multiple roles for a single component. The component might be of the web or the EJBs or java classes.

            can you help me on this.

            • 3. Re: minor seam security questions
              baz

              These steps can help:
              1. study the seamspace example
              2. read the Jboss Rules doc(http://labs.jboss.com/portal/jbossrules/docs/index.html)

              Make yourself clear what do you need, security for EJBs or security for the web pages.

              The later is configured with the seam tags (s:hasRole etc)
              The first is configured in your rules file.
              For that you need to understand Jboss Rules.
              Hope this helps for the beginning.