1 Reply Latest reply on Jan 7, 2017 6:26 AM by Ranganathan Kaliyur Mannar

    Prevent direct access URL with picketlink

    r3glisse r3glisse Newbie

      I'm devlopping a Java web application with Picketlink and I've managed all the page access with the class HttpSecurityConfiguration.java. So when I log with the administrator login I can access to the "protected" pages which are located in the admin folder while navigating on the website. If I do not log with the administrator login I cannot access to the pages which are in the admin folder. But as user I can directly access to the admin pages by enter the direct URL link into the navigation search. How can I avoid this ?

      This is my HttpSecurityConfiguration.java



      package fr.esisar.frigolo.portail;

      import javax.enterprise.event.Observes;

      import org.picketlink.config.SecurityConfigurationBuilder;
      import org.picketlink.event.SecurityConfigurationEvent;

      public class HttpSecurityConfiguration {

      public void onInit(@Observes SecurityConfigurationEvent event) {
      SecurityConfigurationBuilder builder = event.getBuilder();


      .redirectTo("/portail.xhtml"); */