This project is read only now.

1 Reply Latest reply on Mar 8, 2008 6:12 PM by bogdanminciu.bogdan.minciu.yahoo.com

Securing pages leads to HTTP Status 404

bogdanminciu.bogdan.minciu.yahoo.com Mar 8, 2008 5:38 PM

As I read from chapter 13.6.4. Securing pages of the Seam Reference, the way of securing access to certain pages though Seam Security Module is to include a <restrict> element. And I did something like this in my pages.xml:

<page view-id="/xcms/home.xhtml">
    <restrict>#{s:hasRole('user')}</restrict>
</page>

When trying to access the /xcms/home.xhtml page as a non-logged in user, a org.jboss.seam.security.NotLoggedInException is thrown and I'm kindly redirected to the /login.xhtml. So the restrict works so far.

But after I log-in and try to access /xcms/home.xhtml I got an ugly 404:

HTTP Status 404 - /xcms/home.seam
type Status report
message /xcms/home.seam
description The requested resource (/xcms/home.seam) is not available.
JBossWeb/2.0.1.GA

I placed on other page some checking:

<h:outputText value="#{s:hasRole('user')}"/>
<h:outputText value="#{identity.hasRole('user')}"/>

to see if something went wrong in the authenticate() method, but both expressions are evaluated to true, so the logged user received the 'user' role.

Could anyone please post a hint on where I went wrong? Thank you in advance,

Bogdan.

1. Re: Securing pages leads to HTTP Status 404

bogdanminciu.bogdan.minciu.yahoo.com Mar 8, 2008 6:12 PM (in response to bogdanminciu.bogdan.minciu.yahoo.com)

Ok, nevermind, I have found the error. It was a typo in my template parameter of the <ui:composition> tag.

Anyway, this HTTP 404 for /xcms/home.xhtml seems to me a way to high level of error report. I was expecting to receive an error for the missing template(and not the whole file); something like a missing included file.
Actions