0 Replies Latest reply on Jul 6, 2008 9:29 AM by some one

    UrlRewriteFilter and Seam Authentication

    some one Newbie

      So I've been going through the documentation and reading many articles about setting up Seam and conversations and I came across this article:


      Which talks about the problem of search bots (in this example, Googlebot), thrashing the server as Googlebot searches through URLs that have conversation IDs. So one of the solutions (aside from setting debug to false in the components.xml file, editing the robots.txt file, and setting Permgen space to at least 128 MB) was to use UrlRewriteFilter. However, the author makes it clear that he places the UrlRewriteFilter filter before the Seam filter so that Seam doesn't attempt to perform any processing (basically stop the thrashing). That sounds like a great plan until I came across a bug report at the JBoss site at:


      Where it states that placing UrlRewriteFilter in the web.xml file before the Seam Filter breaks basic authentication. Then another post:


      States that If UrlRewriteFilter is the first filter, then it fixes JBSEAM-2921 (previous bug).

      My question is this:

      1.) Does placing the UrlRewriteFilter before the Seam Filter (and before all other filters) break Seam's basic authentication? If so, this sounds like one helluva show stopper since users have a choice between attempts at stopping thrashing or using Seam authentication.

      Btw, I'm using Tomcat 6.0.16, Seam 2.0.2 CR1, UrlRewriteFilter 2.6, and my application is attempting to use conversations for wizards (e.g., users registering for an account like in the SeamBay example which, on a side note, is a great example to learn from).

      Any guidance, correction, or advice would be greatly appreciated. :)