This content has been marked as final.
Show 7 replies
-
1. Re: swallowing exception restrict pages.xml
mcbermuders Jan 14, 2010 2:46 PM (in response to mcbermuders)Changelog from jboss-seam-2.2.0 and i can't see that it's fixed in the changelog.
JBSEAM-1987
anybody here with an solution ?
Release Notes - JBoss Seam - Version 2.0.0.CR2
** Bug
* [JBSEAM-1987] - <restrict> in pages.xml has no effect
* [JBSEAM-1988] - AuthorizationException not redirected properly -
2. Re: swallowing exception restrict pages.xml
mcbermuders Jan 14, 2010 4:25 PM (in response to mcbermuders)My Bad :D
Done .. Fixed :)
my pages was such an fail :)
with my new pages.xml everything works fine :)
i am happy now ...
<?xml version="1.0" encoding="UTF-8"?>
<pages xmlns="http://jboss.com/products/seam/pages" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://jboss.com/products/seam/pages http://jboss.com/products/seam/pages-2.3.xsd"
login-view-id="/login.xhtml">
<exception class="org.jboss.seam.security.NotLoggedInException">
<end-conversation />
<redirect view-id="/error/error.xhtml">
<message severity="warn">#{messages['org.jboss.seam.NotLoggedIn']}
</message>
</redirect>
</exception>
<exception class="org.jboss.seam.security.AuthorizationException">
<end-conversation />
<redirect view-id="/error/error.xhtml">
<message severity="warn">You do not have the Permission</message>
</redirect>
</exception>
<page view-id="/admin/*" login-required="true">
<restrict>#{s:hasRole('admin')}</restrict>
</page>
<page view-id="/members/*" login-required="true">
<restrict>#{identity.loggedIn}</restrict>
</page>
<!-- Login,Logout -->
<page view-id="/members/*.xhtml" action="#{identity.logout}">
<navigation from-action="#{identity.logout}">
<redirect view-id="/login.xhtml"></redirect>
</navigation>
</page>
<page view-id="/admin/*.xhtml" action="#{identity.logout}">
<navigation from-action="#{identity.logout}">
<redirect view-id="/login.xhtml"></redirect>
</navigation>
</page>
<page view-id="/error/*.xhtml" action="#{identity.logout}">
<navigation from-action="#{identity.logout}">
<redirect view-id="/login.xhtml"></redirect>
</navigation>
</page>
<page view-id="/login.xhtml" action="#{identity.login}">
<navigation from-action="#{identity.login}">
<rule if="#{identity.loggedIn}">
<redirect view-id="/members/mainsite.xhtml"></redirect>
</rule>
</navigation>
</page>
</pages> -
3. Re: swallowing exception restrict pages.xml
withmustaf May 24, 2010 2:39 PM (in response to mcbermuders)Hi,
I am facing the same problem in my application.
Initially I had schema location pointing to pages-2.2.xsd and
then I modified to point pages-2.3.xsdI throws the org.jboss.seam.security.AuthorizationException
but it is swallowed.Am using Seam 2.2.0.GA.
Kindly help me thru this.
-
4. Re: swallowing exception restrict pages.xml
withmustaf May 24, 2010 3:58 PM (in response to mcbermuders)I couldn't solve the issue. I am not sure what is wrong.
BUT..
I mapped the EL expression in <restrict /> to a boolean method (with role-check logic)
I made the boolean method to throw runtime exception when role-check fails(say my.dev.AznException).
I am catching the AznException exception and redirecting to homepage.
Its working fine now... -
5. Re: swallowing exception restrict pages.xml
mcbermuders Jun 10, 2010 11:57 AM (in response to mcbermuders)Sorry for the late reply. can you post you pages.xml
don't let pages handle exception. Does not work. For example:
<page view-id="/admin/*" login-required="true">
<exception class="org.jboss.seam.security.NotLoggedInException">
<redirect view-id="login.xhtml">
<message severity="warn">#{messages['org.jboss.seam.NotLoggedIn']}</message>
</redirect>
</exception>
</page>
--------------------------------------------
do it like this, and everything works fine:
<page view-id="/admin/*" login-required="true">
<restrict>#{s:hasRole('admin')}</restrict>
</page>
<exception class="org.jboss.seam.security.NotLoggedInException">
<end-conversation />
<redirect view-id="/error/error.xhtml">
<message severity="warn">#{messages['org.jboss.seam.NotLoggedIn']}
</message>
</redirect>
</exception>
<exception class="org.jboss.seam.security.AuthorizationException">
<end-conversation />
<redirect view-id="/error/error.xhtml">
<message severity="warn">You do not have the Permission</message>
</redirect>
</exception>
please post your pages.xml -
6. Re: swallowing exception restrict pages.xml
0sandglasstime Jul 1, 2010 10:52 AM (in response to mcbermuders)i'm a beginner to seam,i've got the same problem when i try to add the following restrict to a page
<page view-id="/projectEdit.xhtml">
<restrict>#{s:hasRole('admin')}</restrict>
</page>
is there something wrong? -
7. Re: swallowing exception restrict pages.xml
mcbermuders Aug 10, 2010 5:45 AM (in response to mcbermuders)Do you handle the exception ?
<exception class="org.jboss.seam.security.NotLoggedInException">
<end-conversation />
<redirect view-id="/error/error.xhtml">
<message severity="warn">#{messages['org.jboss.seam.NotLoggedIn']}
</message>
</redirect>
</exception>
<exception class="org.jboss.seam.security.AuthorizationException">
<end-conversation />
<redirect view-id="/error/error.xhtml">
<message severity="warn">You do not have the Permission</message>
</redirect>
</exception>
can you post your complete pages.xml ?!? So it's much easy to see what's wrong.