8 Replies Latest reply on Mar 20, 2007 1:50 PM by fabboco

    @Restrict - No redirection to Error Page

    fabboco

      Hi,

      since no one answered my previous post (http://www.jboss.com/index.html?module=bb&op=viewtopic&t=104141), I decided to remove Trinidad from my application.

      Now I am using JSF 1.2 only and I downloaded jboss-seam-CVS.20070317.

      Anyway when I try to call a method annotated with

      @Restrict("#{s:hasRole('Administrator')}")
      


      I am redirected to the Seam debug page with the following message:
      Authorization check failed for expression [#{s:hasRole('Administrator')}]
      


      instead of my Error.xhtml page.

      Where am I wrong?

      Was anybody able to get the behavior described in the Seam documentation?

      Thank you

      Fab.

      MY CONFIG FILES
      <pages login-view-id="/Login.xhtml" >
      
       <page conversation-required="false" login-required="true" switch="enabled" view-id="*"/>
      
       <page conversation-required="false" login-required="false" switch="enabled" view-id="/Login.xhtml">
      
       <navigation>
       <rule if="#{identity.loggedIn}">
       <redirect view-id="/list/ProgettoList.xhtml"/>
       </rule>
       </navigation>
       </page>
      
      .........
      
       <exception class="org.jboss.seam.security.AuthorizationException">
       <!-- <end-conversation before-redirect="true" /> -->
       <redirect view-id="/Error.xhtml">
       <message severity="warn">Non autorizzato all'operazione</message>
       </redirect>
       </exception>
      
      .........
      
      </pages>
      


      <?xml version="1.0" encoding="UTF-8"?>
      <web-app version="2.5"
       xmlns="http://java.sun.com/xml/ns/javaee"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
      
      
       <!-- Seam -->
      
       <context-param>
       <param-name>org.jboss.seam.core.init.debug</param-name>
       <param-value>true</param-value>
       </context-param>
      
       <listener>
       <listener-class>org.jboss.seam.servlet.SeamListener</listener-class>
       </listener>
      
       <servlet>
       <servlet-name>Seam Resource Servlet</servlet-name>
       <servlet-class>org.jboss.seam.servlet.ResourceServlet</servlet-class>
       </servlet>
      
       <servlet-mapping>
       <servlet-name>Seam Resource Servlet</servlet-name>
       <url-pattern>/seam/resource/*</url-pattern>
       </servlet-mapping>
      
       <filter>
       <filter-name>Seam Filter</filter-name>
       <!-- <filter-class>org.jboss.seam.web.SeamFilter</filter-class> -->
       <filter-class>org.jboss.seam.servlet.SeamExceptionFilter</filter-class>
       </filter>
      
       <filter-mapping>
       <filter-name>Seam Filter</filter-name>
       <url-pattern>/*</url-pattern>
       </filter-mapping>
      
       <!-- JSF -->
      
       <context-param>
       <param-name>javax.faces.STATE_SAVING_METHOD</param-name>
       <param-value>client</param-value>
       </context-param>
      
       <context-param>
       <param-name>javax.faces.DEFAULT_SUFFIX</param-name>
       <param-value>.xhtml</param-value>
       </context-param>
      
       <context-param>
       <param-name>facelets.DEVELOPMENT</param-name>
       <param-value>true</param-value>
       </context-param>
      
       <servlet>
       <servlet-name>Faces Servlet</servlet-name>
       <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
       <load-on-startup>1</load-on-startup>
       </servlet>
      
       <servlet-mapping>
       <servlet-name>Faces Servlet</servlet-name>
       <url-pattern>*.seam</url-pattern>
       </servlet-mapping>
      
       <!-- JSF RI -->
      
       <listener>
       <listener-class>com.sun.faces.config.ConfigureListener</listener-class>
       </listener>
      
       <welcome-file-list>
       <welcome-file>Index.jsp</welcome-file>
       </welcome-file-list>
      
      </web-app>
      


      
      <faces-config version="1.2"
       xmlns="http://java.sun.com/xml/ns/javaee"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-facesconfig_1_2.xsd">
      
       <application>
       <!-- <view-handler>org.jboss.seam.ui.facelet.SeamFaceletViewHandler1</view-handler> -->
       <view-handler>anomalie.MyViewHandler</view-handler>
      
       <message-bundle>messages</message-bundle>
      
       <locale-config>
       <default-locale>it_IT</default-locale>
       <supported-locale>it</supported-locale>
       </locale-config>
      
       <el-resolver>org.jboss.seam.jsf.SeamELResolver</el-resolver>
       </application>
      
       <lifecycle>
       <phase-listener>org.jboss.seam.jsf.SeamPhaseListener</phase-listener>
       </lifecycle>
      
      </faces-config>
      


        • 1. Re: @Restrict - No redirection to Error Page
          gavin.king

          This works just perfect, people!

          Generate an app using seam-gen. Generate an action. Add @Restrict("#{identity.loggedIn}") to the action method. Watch what happens.

          Now fix your code to look like seam-gen.

          • 2. Re: @Restrict - No redirection to Error Page
            gavin.king

            Actually the best way to get an authorization exception in seam-gen is to just do a plain @Restrict, or @Restrict("#{false}").

            • 3. Re: @Restrict - No redirection to Error Page
              fabboco

              Gavin,

              thank you for your answer. I followed your suggestion and generated a test application and a few form actions.

              If I restrict the access to an action method, everything works fine. When the authenticated user does not have the Administrator role, the error page is shown.

              
              @Stateful
              @Name("test1")
              public class Test1Bean implements Test1 {
              
               @Logger private Log log;
              
               @In FacesMessages facesMessages;
              
               private String value;
              
               @Restrict("#{s:hasRole('Administrator')}")
               public void test1()
               {
               //implement your business logic here
               log.info("test1.test1() action called with: #{test1.value}");
               facesMessages.add("test1 #{test1.value}");
               }
              
               //add additional action methods
              
               @Length(max=10)
               public String getValue()
               {
               return value;
               }
              
               public void setValue(String value)
               {
               this.value = value;
               }
              
               @Destroy @Remove
               public void destroy() {}
              
              }
              
              


              .......
               <h:form id="test1Form">
              
               <div class="dialog">
               <s:validateAll>
               <div class="prop">
               <span class="name">Value</span>
               <span class="value">
               <s:decorate>
               <h:inputText id="value" required="true"
               value="#{test1.value}"/>
               </s:decorate>
               </span>
               </div>
               </s:validateAll>
               </div>
              
               <div class="actionButtons">
               <h:commandButton id="test1" value="test1" action="#{test1.test1}"/>
               </div>
              
               </h:form>
              .........
              


              Then I tried to put the restriction annotation on a method that returns a value (what I was trying to do in my application):

              @Stateful
              @Name("test2")
              public class Test2Bean implements Test2 {
              
               @Logger private Log log;
              
               @In FacesMessages facesMessages;
              
               private String value = "Hello";
              
               public void test2()
               {
               //implement your business logic here
               log.info("test2.test2() action called with: #{test2.value}");
               facesMessages.add("test2 #{test2.value}");
               }
              
               //add additional action methods
              
               @Length(max=10)
               @Restrict("#{s:hasRole('Administrator')}")
               //@Restrict("#{s:hasRole('admin')}")
               public String getValue()
               {
               return value;
               }
              
               public void setValue(String value)
               {
               this.value = value;
               }
              
               @Destroy @Remove
               public void destroy() {}
              
              }
              


              In this scenario I get an error message since the user is not logged in:

              javax.faces.el.EvaluationException: /test2.xhtml @28,61 value="#{test2.value}": Exception getting value of property value of base of type : org.javassist.tmp.java.lang.Object_$$_javassist_2
               at com.sun.facelets.el.LegacyValueBinding.getValue(LegacyValueBinding.java:60)
               at javax.faces.component.UIOutput.getValue(UIOutput.java:77)
               at org.apache.myfaces.shared_impl.renderkit.RendererUtils.getStringValue(RendererUtils.java:217)
               at org.apache.myfaces.shared_impl.renderkit.html.HtmlTextRendererBase.renderInput(HtmlTextRendererBase.java:135)
               at org.apache.myfaces.shared_impl.renderkit.html.HtmlTextRendererBase.encodeEnd(HtmlTextRendererBase.java:53)
               at javax.faces.component.UIComponentBase.encodeEnd(UIComponentBase.java:536)
               at org.jboss.seam.ui.JSF.renderChild(JSF.java:179)
               at org.jboss.seam.ui.JSF.renderChildren(JSF.java:162)
               at org.jboss.seam.ui.UIDecorate.encodeChildren(UIDecorate.java:242)
               at org.ajax4jsf.framework.renderer.RendererBase.renderChild(RendererBase.java:282)
               at org.ajax4jsf.framework.renderer.RendererBase.renderChildren(RendererBase.java:262)
               at org.ajax4jsf.framework.renderer.RendererBase.renderChild(RendererBase.java:284)
               at org.ajax4jsf.framework.renderer.RendererBase.renderChildren(RendererBase.java:262)
               at org.ajax4jsf.framework.renderer.RendererBase.renderChild(RendererBase.java:284)
               at org.ajax4jsf.framework.renderer.RendererBase.renderChildren(RendererBase.java:262)
               at org.richfaces.renderkit.html.PanelRenderer.doEncodeChildren(PanelRenderer.java:189)
               at org.richfaces.renderkit.html.PanelRenderer.doEncodeChildren(PanelRenderer.java:184)
               at org.ajax4jsf.framework.renderer.RendererBase.encodeChildren(RendererBase.java:121)
               at javax.faces.component.UIComponentBase.encodeChildren(UIComponentBase.java:524)
               at com.sun.facelets.tag.jsf.ComponentSupport.encodeRecursive(ComponentSupport.java:244)
               at com.sun.facelets.tag.jsf.ComponentSupport.encodeRecursive(ComponentSupport.java:249)
               at com.sun.facelets.FaceletViewHandler.renderView(FaceletViewHandler.java:573)
               at org.ajax4jsf.framework.ViewHandlerWrapper.renderView(ViewHandlerWrapper.java:108)
               at org.ajax4jsf.framework.ajax.AjaxViewHandler.renderView(AjaxViewHandler.java:229)
               at org.apache.myfaces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:384)
               at javax.faces.webapp.FacesServlet.service(FacesServlet.java:138)
               at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
               at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
               at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:63)
               at org.jboss.seam.debug.hot.HotDeployFilter.doFilter(HotDeployFilter.java:60)
               at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
               at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:45)
               at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
               at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:57)
               at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
               at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:79)
               at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
               at org.jboss.seam.web.SeamFilter.doFilter(SeamFilter.java:84)
               at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
               at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
               at org.ajax4jsf.framework.ajax.xmlfilter.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:96)
               at org.ajax4jsf.framework.ajax.xmlfilter.BaseFilter.doFilter(BaseFilter.java:220)
               at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
               at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
               at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
               at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
               at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
               at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
               at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
               at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175)
               at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:432)
               at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74)
               at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
               at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
               at org.jboss.web.tomcat.tc5.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:156)
               at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
               at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
               at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
               at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
               at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
               at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
               at java.lang.Thread.run(Thread.java:595)
              Caused by: javax.faces.el.EvaluationException: Bean: org.javassist.tmp.java.lang.Object_$$_javassist_2, property: value
               at org.apache.myfaces.el.PropertyResolverImpl.getProperty(PropertyResolverImpl.java:442)
               at org.apache.myfaces.el.PropertyResolverImpl.getValue(PropertyResolverImpl.java:82)
               at com.sun.facelets.el.LegacyELContext$LegacyELResolver.getValue(LegacyELContext.java:141)
               at com.sun.el.parser.AstValue.getValue(AstValue.java:125)
               at com.sun.el.ValueExpressionImpl.getValue(ValueExpressionImpl.java:195)
               at com.sun.facelets.el.TagValueExpression.getValue(TagValueExpression.java:71)
               at com.sun.facelets.el.LegacyValueBinding.getValue(LegacyValueBinding.java:56)
               ... 61 more
              Caused by: java.lang.reflect.InvocationTargetException
               at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
               at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
               at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
               at java.lang.reflect.Method.invoke(Method.java:585)
               at org.apache.myfaces.el.PropertyResolverImpl.getProperty(PropertyResolverImpl.java:438)
               ... 67 more
              Caused by: org.jboss.seam.security.NotLoggedInException
               at org.jboss.seam.security.Identity.checkRestriction(Identity.java:156)
               at org.jboss.seam.interceptors.SecurityInterceptor.aroundInvoke(SecurityInterceptor.java:35)
               at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:69)
               at org.jboss.seam.interceptors.RemoveInterceptor.aroundInvoke(RemoveInterceptor.java:40)
               at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:69)
               at org.jboss.seam.intercept.RootInterceptor.invoke(RootInterceptor.java:103)
               at org.jboss.seam.intercept.ClientSideInterceptor.invoke(ClientSideInterceptor.java:50)
               at org.javassist.tmp.java.lang.Object_$$_javassist_2.getValue(Object_$$_javassist_2.java)
               ... 72 more
              


              Then I changed the pages.xml file, adding
              <page view-id="/test2.xhtml" login-required="true" />
              


              In this scenario, calling test2.seam, the login page is shown first, but the Authorization error is not trapped correctly and the error page is not shown. The standard debug page is shown instead with the following error:

              javax.faces.el.EvaluationException: /test2.xhtml @28,61 value="#{test2.value}": Exception getting value of property value of base of type : org.javassist.tmp.java.lang.Object_$$_javassist_4
               at com.sun.facelets.el.LegacyValueBinding.getValue(LegacyValueBinding.java:60)
               at javax.faces.component.UIOutput.getValue(UIOutput.java:77)
               at org.apache.myfaces.shared_impl.renderkit.RendererUtils.getStringValue(RendererUtils.java:217)
               at org.apache.myfaces.shared_impl.renderkit.html.HtmlTextRendererBase.renderInput(HtmlTextRendererBase.java:135)
               at org.apache.myfaces.shared_impl.renderkit.html.HtmlTextRendererBase.encodeEnd(HtmlTextRendererBase.java:53)
               at javax.faces.component.UIComponentBase.encodeEnd(UIComponentBase.java:536)
               at org.jboss.seam.ui.JSF.renderChild(JSF.java:179)
               at org.jboss.seam.ui.JSF.renderChildren(JSF.java:162)
               at org.jboss.seam.ui.UIDecorate.encodeChildren(UIDecorate.java:242)
               at org.ajax4jsf.framework.renderer.RendererBase.renderChild(RendererBase.java:282)
               at org.ajax4jsf.framework.renderer.RendererBase.renderChildren(RendererBase.java:262)
               at org.ajax4jsf.framework.renderer.RendererBase.renderChild(RendererBase.java:284)
               at org.ajax4jsf.framework.renderer.RendererBase.renderChildren(RendererBase.java:262)
               at org.ajax4jsf.framework.renderer.RendererBase.renderChild(RendererBase.java:284)
               at org.ajax4jsf.framework.renderer.RendererBase.renderChildren(RendererBase.java:262)
               at org.richfaces.renderkit.html.PanelRenderer.doEncodeChildren(PanelRenderer.java:189)
               at org.richfaces.renderkit.html.PanelRenderer.doEncodeChildren(PanelRenderer.java:184)
               at org.ajax4jsf.framework.renderer.RendererBase.encodeChildren(RendererBase.java:121)
               at javax.faces.component.UIComponentBase.encodeChildren(UIComponentBase.java:524)
               at com.sun.facelets.tag.jsf.ComponentSupport.encodeRecursive(ComponentSupport.java:244)
               at com.sun.facelets.tag.jsf.ComponentSupport.encodeRecursive(ComponentSupport.java:249)
               at com.sun.facelets.FaceletViewHandler.renderView(FaceletViewHandler.java:573)
               at org.ajax4jsf.framework.ViewHandlerWrapper.renderView(ViewHandlerWrapper.java:108)
               at org.ajax4jsf.framework.ajax.AjaxViewHandler.renderView(AjaxViewHandler.java:229)
               at org.apache.myfaces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:384)
               at javax.faces.webapp.FacesServlet.service(FacesServlet.java:138)
               at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
               at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
               at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:63)
               at org.jboss.seam.debug.hot.HotDeployFilter.doFilter(HotDeployFilter.java:60)
               at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
               at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:45)
               at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
               at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:57)
               at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
               at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:79)
               at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
               at org.jboss.seam.web.SeamFilter.doFilter(SeamFilter.java:84)
               at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
               at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
               at org.ajax4jsf.framework.ajax.xmlfilter.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:96)
               at org.ajax4jsf.framework.ajax.xmlfilter.BaseFilter.doFilter(BaseFilter.java:220)
               at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
               at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
               at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
               at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
               at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
               at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
               at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
               at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175)
               at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:432)
               at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74)
               at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
               at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
               at org.jboss.web.tomcat.tc5.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:156)
               at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
               at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
               at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
               at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
               at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
               at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
               at java.lang.Thread.run(Thread.java:595)
              Caused by: javax.faces.el.EvaluationException: Bean: org.javassist.tmp.java.lang.Object_$$_javassist_4, property: value
               at org.apache.myfaces.el.PropertyResolverImpl.getProperty(PropertyResolverImpl.java:442)
               at org.apache.myfaces.el.PropertyResolverImpl.getValue(PropertyResolverImpl.java:82)
               at com.sun.facelets.el.LegacyELContext$LegacyELResolver.getValue(LegacyELContext.java:141)
               at com.sun.el.parser.AstValue.getValue(AstValue.java:125)
               at com.sun.el.ValueExpressionImpl.getValue(ValueExpressionImpl.java:195)
               at com.sun.facelets.el.TagValueExpression.getValue(TagValueExpression.java:71)
               at com.sun.facelets.el.LegacyValueBinding.getValue(LegacyValueBinding.java:56)
               ... 61 more
              Caused by: java.lang.reflect.InvocationTargetException
               at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
               at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
               at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
               at java.lang.reflect.Method.invoke(Method.java:585)
               at org.apache.myfaces.el.PropertyResolverImpl.getProperty(PropertyResolverImpl.java:438)
               ... 67 more
              Caused by: org.jboss.seam.security.AuthorizationException: Authorization check failed for expression [#{s:hasRole('Administrator')}]
               at org.jboss.seam.security.Identity.checkRestriction(Identity.java:160)
               at org.jboss.seam.interceptors.SecurityInterceptor.aroundInvoke(SecurityInterceptor.java:35)
               at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:69)
               at org.jboss.seam.interceptors.RemoveInterceptor.aroundInvoke(RemoveInterceptor.java:40)
               at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:69)
               at org.jboss.seam.intercept.RootInterceptor.invoke(RootInterceptor.java:103)
               at org.jboss.seam.intercept.ClientSideInterceptor.invoke(ClientSideInterceptor.java:50)
               at org.javassist.tmp.java.lang.Object_$$_javassist_4.getValue(Object_$$_javassist_4.java)
               ... 72 more
              


              Then I tried to put authorization at page level with
               <page view-id="/test3.xhtml" login-required="true" >
               <restrict>#{s:hasRole('Administrator')}</restrict>
               </page>
              

              In this scenario, after the login page, Firefox shows an error page with the following message:
              The page isn't redirecting properly
              
              Firefox has detected that the server is redirecting the request for this address in a way that will never complete.
              
               * This problem can sometimes be caused by disabling or refusing to accept
               cookies.
              


              and more and more of these messages on the application server console:
              10:59:27,562 ERROR [SeamPhaseListener] uncaught exception
              org.jboss.seam.security.AuthorizationException: Authorization check failed for expression [#{s:hasRole('Administrator')}]
               at org.jboss.seam.security.Identity.checkRestriction(Identity.java:160)
               at org.jboss.seam.pages.Page.enter(Page.java:206)
               at org.jboss.seam.core.Pages.enterPage(Pages.java:276)
               at org.jboss.seam.jsf.AbstractSeamPhaseListener.enterPage(AbstractSeamPhaseListener.java:265)
               at org.jboss.seam.jsf.AbstractSeamPhaseListener.beforeRender(AbstractSeamPhaseListener.java:203)
               at org.jboss.seam.jsf.SeamPhaseListener.beforePhase(SeamPhaseListener.java:57)
               at org.apache.myfaces.lifecycle.PhaseListenerManager.informPhaseListenersBefore(PhaseListenerManager.java:70)
               at org.apache.myfaces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:373)
               at javax.faces.webapp.FacesServlet.service(FacesServlet.java:138)
               at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
               at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
               at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:63)
               at org.jboss.seam.debug.hot.HotDeployFilter.doFilter(HotDeployFilter.java:60)
               at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
               at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:45)
               at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
               at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:57)
               at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
               at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:79)
               at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
               at org.jboss.seam.web.SeamFilter.doFilter(SeamFilter.java:84)
               at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
               at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
               at org.ajax4jsf.framework.ajax.xmlfilter.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:96)
               at org.ajax4jsf.framework.ajax.xmlfilter.BaseFilter.doFilter(BaseFilter.java:220)
               at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
               at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
               at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
               at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
               at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
               at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
               at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
               at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175)
               at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:432)
               at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74)
               at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
               at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
               at org.jboss.web.tomcat.tc5.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:156)
               at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
               at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
               at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
               at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
               at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
               at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
               at java.lang.Thread.run(Thread.java:595)
              10:59:27,748 ERROR [SeamPhaseListener] uncaught exception
              .........
              
              
              Thank you for your attention.
              
              Regards
              
              Fab.
              
              


              • 4. Re: @Restrict - No redirection to Error Page
                gavin.king

                I think I know the problem.

                If you are calling this method as a value expression during the render phase of the JSF lifecycle, it's not going to work. What you need to do is understand the JSF and servlet specs:

                There is no way I can send a redirect after I have already started to render the response. So Seam doesn't try to do that.

                So, if you need to do this kind of thing, you need to do it in a page action or something, not while evaluating a value expression.

                This is described in the documentation, of course.

                • 5. Re: @Restrict - No redirection to Error Page
                  gavin.king

                  What you can do, however, is send an HTTP error. So it makes sense to have *two* exception handlers, one just for the redirect phase.
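
The servlet constraint described in replies 4 and 5, as an added example that is not part of the original thread and not Seam code: a filter that answers a failed authorization check with HTTP 403 while the response is still uncommitted. The class name `AccessDeniedFilter` is hypothetical, and the sketch assumes the exception propagates out of the filter chain to this filter (Servlet 2.5, where `ServletException` exposes its root cause through `getCause()`).

```java
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;

/** Hypothetical filter, not Seam code: answers a failed authorization check with HTTP 403. */
public class AccessDeniedFilter implements Filter {
    // Exception class name as it appears in the stack trace in this thread.
    private static final String AUTHZ = "org.jboss.seam.security.AuthorizationException";

    public void init(FilterConfig config) {}
    public void destroy() {}

    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        try {
            chain.doFilter(req, res);
        } catch (ServletException e) {
            if (!deny(e, (HttpServletResponse) res)) throw e;
        } catch (RuntimeException e) {
            if (!deny(e, (HttpServletResponse) res)) throw e;
        }
    }

    /** Returns true when the failure was an authorization failure and a 403 was sent. */
    private boolean deny(Throwable failure, HttpServletResponse response) throws IOException {
        if (!isAuthorizationFailure(failure)) return false;
        if (response.isCommitted()) {
            // Status line and headers have already been sent: sendRedirect() and
            // sendError() would both throw IllegalStateException. Rethrow so the
            // container aborts the response instead of finishing the page.
            return false;
        }
        response.sendError(HttpServletResponse.SC_FORBIDDEN); // discards buffered output
        return true;
    }

    // Walks the cause chain (bounded), since the exception may arrive wrapped.
    private static boolean isAuthorizationFailure(Throwable t) {
        for (int depth = 0; t != null && depth < 20; t = t.getCause(), depth++) {
            if (AUTHZ.equals(t.getClass().getName())) return true;
        }
        return false;
    }
}
```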

                  • 6. Re: @Restrict - No redirection to Error Page
                    fabboco

                    Gavin,

                    thank you again for your help but I am still in a mess!


                    If you are calling this method as a value expression during the render phase of the JSF lifecycle, it's not going to work. What you need to do is understand the JSF and servlet specs:

                    There is no way I can send a redirect after I have already started to render the response. So Seam doesn't try to do that.


                    OK, I was trying to do a stupid thing.


                    This is described in the documentation, of course


                    Seam documentation ? Where ? I am going through it back and forth ...

                    Since I can't check roles by annotating a method called during the rendering phase, I have to make the security check at page level work.

                    I wonder why this doesn't work
                    <page view-id="/test3.xhtml" login-required="true" >
                     <restrict>#{s:hasRole('Administrator')}</restrict>
                    </page>
                    

                    The check should be performed before starting the response rendering. Moreover I get it from the Seam documentation.


                    What you can do, however, is send an HTTP error. So it makes sense to have *two* exception handlers, one just for the redirect phase.


                    I can't understand what you mean, can you please provide a code fragment ?

                    Regards

                    Fab.

                    • 7. Re: @Restrict - No redirection to Error Page
                      gavin.king

                      The in pages.xml will work. That is a good way to solve the problem.

                      • 8. Re: @Restrict - No redirection to Error Page
                        fabboco

                        Gavin,

                        I am sorry but

                        <page view-id="/test3.xhtml" login-required="true" >
                         <restrict>#{s:hasRole('Administrator')}</restrict>
                        </page>
                        


                        doesn't work for me.


                        In this scenario, after the login page Firefox shows an error page with the
                        following message
                        
                        The page isn't redirecting properly
                        
                        Firefox has detected that the server is redirecting the request for this address in a way that will
                        never complete.
                        
                         * This problem can sometimes be caused by disabling or refusing to accept
                         cookies.
                        


                        and more and more of these messages on the application server console
                        
                        10:59:27,562 ERROR [SeamPhaseListener] uncaught exception
                        org.jboss.seam.security.AuthorizationException: Authorization check failed for expression [#{s:hasRole('Administrator')}]
                         at org.jboss.seam.security.Identity.checkRestriction(Identity.java:160)
                         at org.jboss.seam.pages.Page.enter(Page.java:206)
                         at org.jboss.seam.core.Pages.enterPage(Pages.java:276)
                         at org.jboss.seam.jsf.AbstractSeamPhaseListener.enterPage(AbstractSeamPhaseListener.java:265)
                         at org.jboss.seam.jsf.AbstractSeamPhaseListener.beforeRender(AbstractSeamPhaseListener.java:203)
                         at org.jboss.seam.jsf.SeamPhaseListener.beforePhase(SeamPhaseListener.java:57)
                         at org.apache.myfaces.lifecycle.PhaseListenerManager.informPhaseListenersBefore(PhaseListenerManager.java:70)
                         at org.apache.myfaces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:373)
                         at javax.faces.webapp.FacesServlet.service(FacesServlet.java:138)
                         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
                         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
                         at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:63)
                         at org.jboss.seam.debug.hot.HotDeployFilter.doFilter(HotDeployFilter.java:60)
                         at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
                         at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:45)
                         at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
                         at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:57)
                         at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
                         at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:79)
                         at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
                         at org.jboss.seam.web.SeamFilter.doFilter(SeamFilter.java:84)
                         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
                         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
                         at org.ajax4jsf.framework.ajax.xmlfilter.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:96)
                         at org.ajax4jsf.framework.ajax.xmlfilter.BaseFilter.doFilter(BaseFilter.java:220)
                         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
                         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
                         at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
                         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
                         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
                         at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
                         at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
                         at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175)
                         at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:432)
                         at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74)
                         at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
                         at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
                         at org.jboss.web.tomcat.tc5.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:156)
                         at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
                         at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
                         at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
                         at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
                         at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
                         at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
                         at java.lang.Thread.run(Thread.java:595)
                        10:59:27,748 ERROR [SeamPhaseListener] uncaught exception
                        .........
                        



                        Any suggestions ? Is my problem related to any known bug ?

                        Thank you

                        Regards

                        Fab.