3 Replies Latest reply on Dec 17, 2008 3:18 PM by Vitor Souza

    Authorization and web pages

    Vitor Souza Newbie

      Hi there. I know I deserve a RTFM because I probably haven't studied enough, but if anyone is willing to share their experience on this, I'd be really thankful!

      I have a POJO called ManageInstitutionsAction, which is a CRUD for Institution entities. I annotated the whole class with @Restrict("#{s:hasRole('admin')}"), as only administrators can use it.

      Now, if an unidentified user tries to open http://localhost:8080/sigme/core/manageInstitutions/list.seam, none of the resources that refer to the Action class will be available, but the list.xhtml page will render nonetheless (with empty controls, like the data table that shows the existing entities).

      To fix that, I surrounded the whole page with <s:div rendered="#{(s:hasRole('admin'))"> </s:div>. But then it just renders a blank page. Instead, I'd like to redirect the user to a /not-logged-in.seam page? How do I do that?

      Thank you,

      Vitor Souza