You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@deltaspike.apache.org by "Werner Gaulke (JIRA)" <ji...@apache.org> on 2014/07/17 15:24:04 UTC
[jira] [Created] (DELTASPIKE-675) Make intitially requested and
secured page available for redirect after login
Werner Gaulke created DELTASPIKE-675:
----------------------------------------
Summary: Make intitially requested and secured page available for redirect after login
Key: DELTASPIKE-675
URL: https://issues.apache.org/jira/browse/DELTASPIKE-675
Project: DeltaSpike
Issue Type: Improvement
Components: Security-Module
Affects Versions: 1.0.1
Reporter: Werner Gaulke
Priority: Minor
h2. Situation
DeltaSpike combined with PicketLink for security handling (users and roles). Custom AccessdecisionVoter to check, whether the user is allowed to access a page (by Secured Annotation in ViewConfig).
DS-Security intercept access to this page and redirects to the login. After the login it would be nice to redirect the user to the initially requested page.
Generally this problem is independend of the used security framework, in this case though PicketLink is used.
Reference to mailing list: http://mail-archives.apache.org/mod_mbox/deltaspike-users/201407.mbox/%3C006601cfa1ad$8fa14a00$aee3de00$@gaulke.net%3E
h2. Idea for the solution
Make requested page avaiable in AccessDecisionVoterContext and let the app handle the redirect after login. I think this could be done in SecurityUtils.
h2. Example
Attached you will find a minimal JSF/DS/PL application which uses a in memory database. Start the application in JBOSS Wildfly and access it.
You can now click on "Admin Area" in the main-menu and DS will redirect you to the login form. After login a LoggedIn Event by PL is fired.
A redirect to the requested page is desired.
https://www.dropbox.com/s/7k59jp1ka4xeez2/ds-pl-minimal.zip
--
This message was sent by Atlassian JIRA
(v6.2#6252)