1 Reply Latest reply on Jan 25, 2007 3:56 AM by Shane Bryzak

    Error in SeamSecurityFilter

    Vladimir Kovalyuk Apprentice

      I realized that when user is accessing a page when it is not logged in, the first thing that is happening is JSF lifecycle due to the error in SeamSecurityFilter:

       if (!checkSecurityConstraints(hRequest.getServletPath(), hRequest.getMethod(), ident))
       hResponse.sendRedirect(String.format("%s%s", hRequest.getContextPath(), config.getSecurityErrorPage()));
       chain.doFilter(request, response);
      


      Actually 'else' is missed:
       if (!checkSecurityConstraints(hRequest.getServletPath(), hRequest.getMethod(), ident))
       hResponse.sendRedirect(String.format("%s%s", hRequest.getContextPath(), config.getSecurityErrorPage()));
       else
       chain.doFilter(request, response);