1 Reply Latest reply on Nov 16, 2007 1:50 PM by Steve Whatmore

    RichFaces + Acegi

    Alexey Kakunin Newbie

      Hello, all!
      We are using RichFaces in SpringFramework based Application, used Acegi Security framework for authentication/authorization.

      In Acegi we should specify the map of resources with roles, allowed to access them. Of course, for all a4j & richfaces based resources we should allow anonymous access (to be able to use scripts, css and other staff from a4j even if user is not logged in).

      In prevous version, then all resources of a4j was placed in one folder - it was very easy to do - we just created one common rule like:

      /a4j.res/**=ROLE_ANONYMOUS,ROLE_EMFORGEUSER


      Now - we should create a set of rules like:
      /a4j_3_1_2.gaorg/**=ROLE_ANONYMOUS,ROLE_EMFORGEUSER
      /a4j_3_1_2.gascripts/**=ROLE_ANONYMOUS,ROLE_EMFORGEUSER
      /a4j_3_1_2.gacss/**=ROLE_ANONYMOUS,ROLE_EMFORGEUSER
      /a4j_3_1_2.gaorg.richfaces.renderkit.html.gradienta/**=ROLE_ANONYMOUS,ROLE_EMFORGEUSER
      /a4j_3_1_2.gaimages/**=ROLE_ANONYMOUS,ROLE_EMFORGEUSER
      /a4j_3_1_2.gaorg.richfaces.renderkit.html.images.dotseparatorimage/**=ROLE_ANONYMOUS,ROLE_EMFORGEUSER
      


      And always fount new resources we should add.

      I understand - that this question related not only to richfaces - but to acegi - but probably somebody here already found the way to specify some one rule for all a4j resources?


        • 1. Re: RichFaces + Acegi
          Steve Whatmore Newbie

          It is still fairly easy to do this with the ACEGI framework since it supports something along the lines of

          /a4j*/**=ROLE_USER,ROLE_SYSTEM_ADMINISTRATOR,ROLE_ADMINISTRATOR,ROLE_ANONYMOUS
          


          Where the /a4j*/** is the regex (I believe) expression for all the a4j folders.

          I hope this helps.

          Whattyy