2 Replies Latest reply on Nov 30, 2007 5:07 PM by javalover75

    Security Design Question

    javalover75
    javalover75 Nov 30, 2007 12:40 PM

      I am developing a subscription based site. When authenticating users I would like to be able to do the following. If the user has valid credentials, but the account is not active (through cancelation, credit card failure, etc.) I would like to redirect the user to a page that allows them to reactivate the account by entering new credit card information. In this case the login has a different outcome than just failed or successful.

      I have not seen an obvious way to accomplish this task with Seam Security. Does anyone have any suggestions?

      Thanks in advance.

      • 1358 Views
      • Tags:
        • 1. Re: Security Design Question
          damianharvey
          damianharvey Nov 30, 2007 2:09 PM (in response to javalover75)

          Set up a navigation rule that directs the user to your reactivation page from login (eg. based on some status):

           <navigation from-action="#{identity.login}">
 <rule if="#{identity.loggedIn && user.status == 'ACTIVE'}">
 <redirect view-id="/normalHomePage.xhtml"/>
 </rule>
 <rule if="#{identity.loggedIn && user.status == 'INACTIVE'}">
 <redirect view-id="/activationPage.xhtml"/>
 </rule>
 </navigation>

          You would set the status in the authenticator class and outject the User bean (or wherever you want to store the status).

          Cheers,

          Damian.

            • Actions
          • 2. Re: Security Design Question
            javalover75
            javalover75 Nov 30, 2007 5:07 PM (in response to javalover75)

            Damian,

            Thanks for the quick reply. It is appreciated. This helped me get past my mind block and solve my problem.

            Thanks Again.

              • Actions