You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@deltaspike.apache.org by Jean-Louis MONTEIRO <je...@gmail.com> on 2014/02/06 18:08:13 UTC
JSF Security regression
Hello guys,
I'm currently facing a regression on Securty module.
Just wanted to know if you are aware of?
I was using 0.5 with the following
@View(basePath = "/", extension = "xhtml", navigation =
View.NavigationMode.REDIRECT)
public interface Navigation extends ViewConfig {
@View
class Index implements Navigation {}
@View
class Login implements Navigation {}
@View(basePath = "/post/")
interface PostsNavigation extends Navigation {}
@View
class Post implements PostsNavigation {}
@Secured(LoggedInUserVoter.class)
interface SecuredPostsNavigation extends PostsNavigation {}
@View(name = "create-post")
class CreatePost implements SecuredPostsNavigation {}
@View(name = "edit-post")
class EditPost implements SecuredPostsNavigation {}
}
When I switch to 0.6-SNAPSHOT (cause of the DS Data bug), it does not work
anymore.
Here is the error
INFO - class:
org.apache.deltaspike.jsf.impl.config.view.ViewConfigPathValidator
activated=true
SEVERE - invalid view-config found
java.lang.IllegalStateException: path '/navigation/securedPostsNavigation/'
is missing, but mapped by:
com.github.rmannibucau.blog.front.controller.Navigation$SecuredPostsNavigation
If you are not aware, I will investigate and propose a fix.
JLouis
--
Jean-Louis
Re: JSF Security regression
Posted by Gerhard Petracek <ge...@gmail.com>.
i've attached a patch to DELTASPIKE-480.
it would be great, if you can test it with your application.
regards,
gerhard
http://www.irian.at
Your JSF/JavaEE powerhouse -
JavaEE Consulting, Development and
Courses in English and German
Professional Support for Apache MyFaces
2014-02-06 Gerhard Petracek <ge...@gmail.com>:
> hi,
>
> for now you can deactivate ViewConfigPathValidator (it implements
> Deactivatable).
> i'll have a look at it.
>
> regards,
> gerhard
>
> http://www.irian.at
>
> Your JSF/JavaEE powerhouse -
> JavaEE Consulting, Development and
> Courses in English and German
>
> Professional Support for Apache MyFaces
>
>
>
> 2014-02-06 Jean-Louis MONTEIRO <je...@gmail.com>:
>
> Hello guys,
>>
>> I'm currently facing a regression on Securty module.
>> Just wanted to know if you are aware of?
>>
>> I was using 0.5 with the following
>> @View(basePath = "/", extension = "xhtml", navigation =
>> View.NavigationMode.REDIRECT)
>> public interface Navigation extends ViewConfig {
>> @View
>> class Index implements Navigation {}
>>
>> @View
>> class Login implements Navigation {}
>>
>> @View(basePath = "/post/")
>> interface PostsNavigation extends Navigation {}
>>
>> @View
>> class Post implements PostsNavigation {}
>>
>> @Secured(LoggedInUserVoter.class)
>> interface SecuredPostsNavigation extends PostsNavigation {}
>>
>> @View(name = "create-post")
>> class CreatePost implements SecuredPostsNavigation {}
>>
>> @View(name = "edit-post")
>> class EditPost implements SecuredPostsNavigation {}
>> }
>>
>> When I switch to 0.6-SNAPSHOT (cause of the DS Data bug), it does not work
>> anymore.
>> Here is the error
>> INFO - class:
>> org.apache.deltaspike.jsf.impl.config.view.ViewConfigPathValidator
>> activated=true
>> SEVERE - invalid view-config found
>> java.lang.IllegalStateException: path
>> '/navigation/securedPostsNavigation/'
>> is missing, but mapped by:
>>
>> com.github.rmannibucau.blog.front.controller.Navigation$SecuredPostsNavigation
>>
>> If you are not aware, I will investigate and propose a fix.
>>
>> JLouis
>>
>> --
>> Jean-Louis
>>
>
>
Re: JSF Security regression
Posted by Gerhard Petracek <ge...@gmail.com>.
hi,
for now you can deactivate ViewConfigPathValidator (it implements
Deactivatable).
i'll have a look at it.
regards,
gerhard
http://www.irian.at
Your JSF/JavaEE powerhouse -
JavaEE Consulting, Development and
Courses in English and German
Professional Support for Apache MyFaces
2014-02-06 Jean-Louis MONTEIRO <je...@gmail.com>:
> Hello guys,
>
> I'm currently facing a regression on Securty module.
> Just wanted to know if you are aware of?
>
> I was using 0.5 with the following
> @View(basePath = "/", extension = "xhtml", navigation =
> View.NavigationMode.REDIRECT)
> public interface Navigation extends ViewConfig {
> @View
> class Index implements Navigation {}
>
> @View
> class Login implements Navigation {}
>
> @View(basePath = "/post/")
> interface PostsNavigation extends Navigation {}
>
> @View
> class Post implements PostsNavigation {}
>
> @Secured(LoggedInUserVoter.class)
> interface SecuredPostsNavigation extends PostsNavigation {}
>
> @View(name = "create-post")
> class CreatePost implements SecuredPostsNavigation {}
>
> @View(name = "edit-post")
> class EditPost implements SecuredPostsNavigation {}
> }
>
> When I switch to 0.6-SNAPSHOT (cause of the DS Data bug), it does not work
> anymore.
> Here is the error
> INFO - class:
> org.apache.deltaspike.jsf.impl.config.view.ViewConfigPathValidator
> activated=true
> SEVERE - invalid view-config found
> java.lang.IllegalStateException: path '/navigation/securedPostsNavigation/'
> is missing, but mapped by:
>
> com.github.rmannibucau.blog.front.controller.Navigation$SecuredPostsNavigation
>
> If you are not aware, I will investigate and propose a fix.
>
> JLouis
>
> --
> Jean-Louis
>
Re: JSF Security regression
Posted by Karl Kildén <ka...@gmail.com>.
I apologize for my last email, currently babysitting...
On 6 February 2014 19:30, Karl Kildén <ka...@gmail.com> wrote:
> /*q
>
>
> On 6 February 2014 18:08, Jean-Louis MONTEIRO <je...@gmail.com> wrote:
>
>> Hello guys,
>>
>> I'm currently facing a regression on Securty module.
>> Just wanted to know if you are aware of?
>>
>> I was using 0.5 with the following
>> @View(basePath = "/", extension = "xhtml", navigation =
>> View.NavigationMode.REDIRECT)
>> public interface Navigation extends ViewConfig {
>> @View
>> class Index implements Navigation {}
>>
>> @View
>> class Login implements Navigation {}
>>
>> @View(basePath = "/post/")
>> interface PostsNavigation extends Navigation {}
>>
>> @View
>> class Post implements PostsNavigation {}
>>
>> @Secured(LoggedInUserVoter.class)
>> interface SecuredPostsNavigation extends PostsNavigation {}
>>
>> @View(name = "create-post")
>> class CreatePost implements SecuredPostsNavigation {}
>>
>> @View(name = "edit-post")
>> class EditPost implements SecuredPostsNavigation {}
>> }
>>
>> When I switch to 0.6-SNAPSHOT (cause of the DS Data bug), it does not work
>> anymore.
>> Here is the error
>> INFO - class:
>> org.apache.deltaspike.jsf.impl.config.view.ViewConfigPathValidator
>> activated=true
>> SEVERE - invalid view-config found
>> java.lang.IllegalStateException: path
>> '/navigation/securedPostsNavigation/'
>> is missing, but mapped by:
>>
>> com.github.rmannibucau.blog.front.controller.Navigation$SecuredPostsNavigation
>>
>> If you are not aware, I will investigate and propose a fix.
>>
>> JLouis
>>
>> --
>> Jean-Louis
>>
>
>
Re: JSF Security regression
Posted by Karl Kildén <ka...@gmail.com>.
/*q
On 6 February 2014 18:08, Jean-Louis MONTEIRO <je...@gmail.com> wrote:
> Hello guys,
>
> I'm currently facing a regression on Securty module.
> Just wanted to know if you are aware of?
>
> I was using 0.5 with the following
> @View(basePath = "/", extension = "xhtml", navigation =
> View.NavigationMode.REDIRECT)
> public interface Navigation extends ViewConfig {
> @View
> class Index implements Navigation {}
>
> @View
> class Login implements Navigation {}
>
> @View(basePath = "/post/")
> interface PostsNavigation extends Navigation {}
>
> @View
> class Post implements PostsNavigation {}
>
> @Secured(LoggedInUserVoter.class)
> interface SecuredPostsNavigation extends PostsNavigation {}
>
> @View(name = "create-post")
> class CreatePost implements SecuredPostsNavigation {}
>
> @View(name = "edit-post")
> class EditPost implements SecuredPostsNavigation {}
> }
>
> When I switch to 0.6-SNAPSHOT (cause of the DS Data bug), it does not work
> anymore.
> Here is the error
> INFO - class:
> org.apache.deltaspike.jsf.impl.config.view.ViewConfigPathValidator
> activated=true
> SEVERE - invalid view-config found
> java.lang.IllegalStateException: path '/navigation/securedPostsNavigation/'
> is missing, but mapped by:
>
> com.github.rmannibucau.blog.front.controller.Navigation$SecuredPostsNavigation
>
> If you are not aware, I will investigate and propose a fix.
>
> JLouis
>
> --
> Jean-Louis
>