Hi, I've encountered quite strange Seam behavior in my project.
I setup security framework and it works great for restricting access to mehods
(in EJB) and to UI elements (in *.xhtml with s:hasRole).
All security exceptions redirected to default security page.
Now I setup page security in page.xml:
<page view-id="/page1.xhtml" login-required="true"> <restrict>#{s:hasRole('admin')}</restrict> </page>
<exception class="org.jboss.seam.security.AuthorizationException"> <end-conversation/> <redirect view-id="/error.xhtml"> <message severity="WARN">Access denied</message> </redirect> </exception>