I fire the exception by handling a @Before @RenderResponse JSF phase event :
public class FacesSecurity {
private transient Logger log = LoggerFactory.getLogger(FacesSecurity.class);
@Inject Identity identity;
@Inject Event<NotLoggedInException> notLoggedIn;
public void checkPermissions(@Observes @Before @RenderResponse PhaseEvent event) {
FacesContext faces = event.getFacesContext();
HttpServletRequest request = (HttpServletRequest) faces.getExternalContext().getRequest();
String viewId = faces.getViewRoot().getViewId();
log.debug("Checking permissions for {}:{} on {}", new Object[] {
request.getRemoteAddr(), request.getRemotePort(), viewId });
if ("/pages/article/post.xhtml".equalsIgnoreCase(viewId)) {
if (!identity.isLoggedIn()) {
log.debug("{}:{} is not logged in on {}", new Object[] {
request.getRemoteAddr(), request.getRemotePort(), viewId });
notLoggedIn.fire(new NotLoggedInException());
}
}
}
}
Then using @Observes to catch the exception, setting the message, then redirect:
public void handleNotLoggedIn(@Observes NotLoggedInException evt) {
ExternalContext external = faces.getExternalContext();
HttpServletRequest request = (HttpServletRequest) external.getRequest();
String viewId = faces.getViewRoot().getViewId();
log.debug("Redirecting {}:{} request {} to login page", new Object[] {
request.getRemoteAddr(), request.getRemotePort(), viewId });
faces.addMessage(null, new FacesMessage("Silakan login untuk melanjutkan."));
try {
external.redirect(external.encodeRedirectURL("login", null));
} catch (IOException e) {
throw new RuntimeException("Error during handling NotLoggedInException", e);
}
}
which works wonderfully. However, I tried changing it with @Inject Messages without success:
@Inject org.jboss.seam.international.status.Messages messages;
...
messages.warn("Silakan login untuk melanjutkan.");
Using @Inject Messages, no FacesMessage is shown at all.
Any suggestions ?