5 Replies Latest reply on Mar 15, 2012 1:37 PM by lightguard

Seam Faces, Pages.xml - restrict tag

atdavie Mar 12, 2012 10:33 AM

In olden days (Seam 2.2) I could define a page in pages.xml and simply mark it with a <restrict></restrict>. The page would be inaccesible by default, with security rules providing the access as required.

Seam Faces (Seam 3) as far as I can tell allows me to define something equivalent to the pages.xml using an interface and an enumerated type, however does it also support the above mentioned use case? I can find examples where an annotation can be defined for a given type on a given page e.g.

        @ViewPattern("/admin.xhtml")
        @Admin
        ADMIN,

1. Re: Seam Faces, Pages.xml - restrict tag

lightguard Mar 12, 2012 3:21 PM (in response to atdavie)

You need to use Seam Security and define a security binding annotation and method to be invoked, it should be in the documentation(s) or in some of the examples. You can see https://community.jboss.org/blogs/lightguardjp/2012/02/24/seam-3-examples for more examples as well.
Actions
2. Re: Seam Faces, Pages.xml - restrict tag

atdavie Mar 13, 2012 4:57 AM (in response to lightguard)

Hi Jason,

my example actually shows a security annotation. This is an explicit application of a particular binding.

My question was more that in Seam 2.2 it was possible to simply mark a page as being subject to rules by marking it with the restrict tag. This caused the security rules engine to be invoked and the rules decided if a grant was given on the page or not. I was wondering if this is still possible with Seam 3 using Seam Faces and Seam Security.

I will do some more research, but I suppose I might be able to create an @restrict security annotation and use this to invoke the security rules in order to delegate the access to the rules.
Actions
3. Re: Seam Faces, Pages.xml - restrict tag

lightguard Mar 14, 2012 2:26 PM (in response to atdavie)

No, Seam 3 has no such tag.
Actions
4. Re: Seam Faces, Pages.xml - restrict tag

atdavie Mar 15, 2012 11:22 AM (in response to lightguard)

In fact I was wondering if something similar could be done either by invoking the rules engine via a security annotation (in a more general way as before rather than simply using hasPermissions), or by having a more generic @restrict type annotation.
Actions
5. Re: Seam Faces, Pages.xml - restrict tag

lightguard Mar 15, 2012 1:37 PM (in response to atdavie)

That may be possible, but Shane would be the best person to ask about how the drools integration works with Security.
Actions

Go to original post