You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@deltaspike.apache.org by "John Schneider (JIRA)" <ji...@apache.org> on 2013/11/24 02:04:35 UTC
[jira] [Created] (DELTASPIKE-450) Secured ViewConfig's are not
working as documented
John Schneider created DELTASPIKE-450:
-----------------------------------------
Summary: Secured ViewConfig's are not working as documented
Key: DELTASPIKE-450
URL: https://issues.apache.org/jira/browse/DELTASPIKE-450
Project: DeltaSpike
Issue Type: Bug
Components: Core, Security-Module
Affects Versions: 0.5
Environment: Glassfish 4 / Weld 2.0.4
Reporter: John Schneider
I believe this is the documented method for securing pages, but the following view configuration does not invoke an AccessDecisionVoter.
@View(navigation = NavigationMode.REDIRECT)
public interface Pages extends ViewConfig {
class LogIn implements Pages {}
@Secured(value = ApplicationAccessDecisionVoter.class, errorView = LogIn.class)
class Manage implements Pages {}
}
I also tried with a @Sterotype @Secured annotation which I've confirmed to be working perfectly when placed on a CDI business method.
@Retention(RetentionPolicy.RUNTIME)
@Target({ElementType.TYPE, ElementType.METHOD, ElementType.FIELD})
@Documented
@Stereotype
@Secured(value = ApplicationAccessDecisionVoter.class, errorView = LogIn.class)
public @interface LoggedIn {
}
@View(navigation = NavigationMode.REDIRECT)
public interface Pages extends ViewConfig {
class LogIn implements Pages {}
@LoggedIn
class Manage implements Pages {}
}
--
This message was sent by Atlassian JIRA
(v6.1#6144)