4 Replies Latest reply on Apr 11, 2008 9:51 AM by shane.bryzak

    capturing a non-authorized navigation

      I´m using seam 1.2.1.


      Is there an event to capture a non-authorized navigation, at pages.xml, in order to trigger the #{redirect.captureCurrentView action} ?


      Maybe in seam newest versions ?


      Tks,
      Renato

        • 1. Re: capturing a non-authorized navigation
          pmuir

          In Seam 2, you can observe org.jboss.seam.security.notLoggedIn, not sure in 1.2.1, maybe org.jboss.seam.notLoggedIn?

          • 2. Re: capturing a non-authorized navigation

            The Seam 1.2 do have a notLoggedIn event, however it works for non-authenticated navigations.


            I´m wondering about a non-authorized navigation event, from an authenticated user.


            <page view-id=...>
              <restrict>#{...}</restrict>
            </page>




            I´d like to suspend the navigation, redirect the user to the login page to supply new credentials, and afterwards proceed the original navigation.


            I´ve found support just for non-authenticated users.

            • 3. Re: capturing a non-authorized navigation
              pmuir

              Again. in Seam 2 org.jboss.seam.security.notAuthorized - not sure in 1.2

              • 4. Re: capturing a non-authorized navigation
                shane.bryzak

                Seam 1.2.1 only throws an AuthorizationException, it doesn't raise any events.  Seam 2.0 will raise an org.jboss.seam.security.notAuthorized event, but only for restriction checks (invoked only for page and method restrictions).  Actually, it was an oversight that this event wasn't raised for role and permission checks so I've now added this to SVN trunk so you can expect to see it in Seam 2.1.0.GA.