3 Replies Latest reply on Apr 4, 2010 1:41 PM by accless

    need help with Seam Identity

    blackmoon
    blackmoon Apr 2, 2010 8:26 AM

      Hi, I wrote a new class which subclass from org.jboss.seam.security.Identity in order to cache the permission, here is the code




      @Name("identity")
@Scope(ScopeType.SESSION)
@BypassInterceptors
@Startup
public class CmsIdentity extends Identity {

    HashMap<String, Boolean> permissionMap = new HashMap<String, Boolean>();
    HashMap<String, Boolean> roleMap = new HashMap<String, Boolean>();
     
    @Override
    public boolean hasPermission(Object target, String action) {
        String key = target.toString() + action;
        if (permissionMap.get(key) == null) {
            boolean result = super.hasPermission(target, action);
            permissionMap.put(key, result);
            return result;
        } else {
            return permissionMap.get(key);
        }
    }
       
    @Override
    public boolean hasRole(String role) {
        String key = role;
        if (roleMap.get(key) == null) {
            boolean result = super.hasRole(role);
            roleMap.put(key, result);
            return result;
        } else {
            return roleMap.get(key);
        }
    }
}



      the thing is, when i call an EL like {not identity.loggedIn} it's ok. But when i check restriction using {s:hasRole('admin')} or {s:hasPermission('target','action')}, the NotLoginException is thrown. Here is the strace:






      org.jboss.seam.security.NotLoggedInException
        at org.jboss.seam.security.Identity.checkRestriction(Identity.java:217)
        at org.jboss.seam.navigation.Page.checkPermission(Page.java:263)
        at org.jboss.seam.navigation.Page.preRender(Page.java:283)
        at org.jboss.seam.navigation.Pages.preRender(Pages.java:350)
        at org.jboss.seam.jsf.SeamPhaseListener.preRenderPage(SeamPhaseListener.java:561)
        at org.jboss.seam.jsf.SeamPhaseListener.beforeRenderResponse(SeamPhaseListener.java:472)
        at org.jboss.seam.jsf.SeamPhaseListener.beforeServletPhase(SeamPhaseListener.java:148)
        at org.jboss.seam.jsf.SeamPhaseListener.beforePhase(SeamPhaseListener.java:118)
        at com.sun.faces.lifecycle.Phase.handleBeforePhase(Phase.java:214)
        at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:96)
        at com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:139)





      The org.jboss.seam.security.Identity.checkRestriction() method is not supposed to be called but the subclass with higher precedence instead. Is there any ideas ? Thanks.

      • 281 Views
      • Tags:
        • 1. Re: need help with Seam Identity
          blackmoon
          blackmoon Apr 2, 2010 11:30 AM (in response to blackmoon)

          the problem is now solved with the component name org.jboss.seam.security.identity (exactly the name of org.jboss.seam.security.Identity) :-s strange ...


          @Name("org.jboss.seam.security.identity")
@Scope(ScopeType.SESSION)
@BypassInterceptors
@Startup
public class CmsIdentity extends Identity {
...
}



            • Actions
          • 2. Re: need help with Seam Identity
            cash1981
            cash1981 Apr 2, 2010 2:44 PM (in response to blackmoon)

            Actually this is not strange at all.


            All names you write on seam components will get package.class as name. This is the same as Java class files. The identity of a class is always your.package.className

              • Actions
            • 3. Re: need help with Seam Identity
              accless
              accless Apr 4, 2010 1:41 PM (in response to blackmoon)

              The identity is an ALIAS for org.jboss.seam.security.identity!


              u have to use the original component name, if u wanna subclass/overwrite a seam component

                • Actions