You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@myfaces.apache.org by Fe...@t-systems.com on 2009/01/28 13:31:35 UTC

Resources Servlet security question

Hey Guys,

 

I implemented a phase listener based security handler which knows which
pages are public viewable and which pages require a special
authentication. Currently the only page usable without authentication is
the login page. These settings are blocking the resources servlet. That
causes a not working tr:inputDate for example, because the calendar
can't be rendered due to a security violation. I'm currently checking if
I can grant access to the resources servlet to all users.

 

Is it possible that the trinidad resources servlet renders a content
which allows the manipulation of the component tree or other data or is
this impossible? 

 

Thank you and best regards

 

Felix

Re: Resources Servlet security question

Posted by alvaro tovar <al...@gmail.com>.

hello
i don't know, i have some similar i make some thing like .*css.*
.*js.* leave get in.

regards

2009/1/28  <Fe...@t-systems.com>:
> Hey Guys,
>
>
>
> I implemented a phase listener based security handler which knows which
> pages are public viewable and which pages require a special authentication.
> Currently the only page usable without authentication is the login page.
> These settings are blocking the resources servlet. That causes a not working
> tr:inputDate for example, because the calendar can't be rendered due to a
> security violation. I'm currently checking if I can grant access to the
> resources servlet to all users.
>
>
>
> Is it possible that the trinidad resources servlet renders a content which
> allows the manipulation of the component tree or other data or is this
> impossible?
>
>
>
> Thank you and best regards
>
>
>
> Felix