6 Replies Latest reply on Jan 27, 2012 12:58 PM by Jason Porter

    seam-faces SecurityPhaseListener behaviour?

    MIklos Piklos Newbie

      I upgraded my dependecies to seam version 3.1.0.Final. And some things related to seam-security and viewconfig started behaving differently.
      AcessDeniedView redirection is sometimes triggered and sometimes not. By looking at the code i think this is the problem:

        private void redirectToAccessDeniedView(FacesContext context, UIViewRoot viewRoot) {
              // If a user has already done a redirect and rendered the response (possibly in an observer) we cannot do this output
              final PhaseId currentPhase = context.getCurrentPhaseId();
              if (!context.getResponseComplete() && !PhaseId.RENDER_RESPONSE.equals(currentPhase)) {

      So because sometimes the current jsf phase is render response, the code that is supposed to do the redirection is skipped.
      When i comment that out and ignore the jsf phase, everything works just as it used to work before the upgrade to 3.1.0.Final.

      Im just curious how come that the JSF phase is an issue on redirectToAccessDeniedView method, but is not an issue on redirectToLoginPage method.
      What's so different in redirecting to a login page?