Seam 2.1 Security
andre.eugenio Nov 13, 2008 2:48 PM
Hi,
I'm trying to set up the new Seam security and I'm probably missing some configuration.
Parts of components.xml
<persistence:hibernate-session-factory name="hibernateFactory" />
<persistence:managed-hibernate-session name="hibernate" auto-create="true" session-factory="#{hibernateFactory}"/>
<security:identity-manager identity-store="#{jpaIdentityStore}" />
<security:jpa-identity-store user-class="User" role-class="Role" />
<security:jpa-permission-store user-permission-class="UserPermission" role-permission-class="RolePermission"/>
The problem is that when Seam tries to create a query (createPermissionQuery), it throws a null exception on this line:
Query query = lookupEntityManager().createQuery(queryCache.get(queryKey));
The SQL string is generated fine from the annotations on the User class and is available in the queryCache hashmap, but it looks like the entityManager (internal variable) is not assigned to my hibernateSession. Is there any other config that I need to do to set up the jpaIdentityStore?
--
I have another question about the security. I'm planning to leave the security available for the user to configure dynamically.
To achieve this I was planning to have all action classes annotated with @Restrict and to extend the Identity class to override the hasPermission methods, first checking if there is any restriction and submitting to Seam if it's necessary.
With this customIdentity class I can create a new method to check roles as well.
Something like:
@Override
public boolean hasPermission(Object target, String action) {
    // Code to check in Hibernate whether target/action has some restriction configured
    if (myCustomMethodToCheckRestriction(target, action)) {
        // A restriction is configured: delegate to Seam's normal permission check
        return super.hasPermission(target, action);
    } else {
        // No restriction is configured for this target/action: allow
        return true;
    }
}

public boolean myCustomCheckForHasRole(String faceletsTemplate) {
    String roleTarget;
    // Look up the role required for this template, if any
    if ((roleTarget = getRoleRestrictionFor(faceletsTemplate)) != null) {
        return super.hasRole(roleTarget);
    }
    // No role restriction is configured for this template: allow
    return true;
}
Is it the best approach?