You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@deltaspike.apache.org by Dominik Obermaier <do...@gmail.com> on 2014/03/13 15:15:31 UTC
Secure Pages with Deltaspike Security + Typesafe View Configs
Hi,
I'm struggling to integrate Deltaspikes Typesafe View Configs with my
application.
I have a login view and another view. I created a typesafe View Config
like this:
@Folder
@View(navigation = View.NavigationMode.REDIRECT)
public interface Pages extends ViewConfig {
@View
public class Login implements Pages {
}
@View()
@Secured(value = CustomAccessDecisionVoter.class)
public class Index implements Pages {
}
The my AccessDecisionVoter looks like this:
.....
@Override
public Set<SecurityViolation> checkPermission(final
AccessDecisionVoterContext accessDecisionVoterContext) {
if (loggedIn) {
return Collections.emptySet();
}
return Sets.newHashSet(new Violation());
}
.....
Now I want to achieve the following and don't have a clue how to do this:
1. Redirect to Login if the user doesn't have the permission (= the
AccessDecisionVoter returns SecurityViolations). At the moment I'm just
getting a
|org.apache.deltaspike.security.api.authorization.ErrorViewAwareAccessDeniedException|
2. How can I redirect to another page if the user is already logged in
and the user navigates to the login view? Is this possible with the
Typesave View Config?
I hope these questions aren't classic Deltaspike beginner questions ;-).
Honestly, I had a hard time finding useful information about Deltaspike
via Google. Seems like there aren't that many people blogging about it :-)
Thanks,
Dominik
Re: Secure Pages with Deltaspike Security + Typesafe View Configs
Posted by Gerhard Petracek <ge...@gmail.com>.
hi dominik,
please use DefaultErrorView (see [1] and/or e.g. [2]) or for special cases
@Secured#errorView.
(fyi: you can remove @Folder in your case)
regards,
gerhard
[1] http://deltaspike.apache.org/jsf.html#configuring-a-default-error-view
[2]
https://github.com/os890/tomee_mf_stack_001/blob/toDS05/src/main/java/org/superbiz/myfaces/view/config/Pages.java
http://www.irian.at
Your JSF/JavaEE powerhouse -
JavaEE Consulting, Development and
Courses in English and German
Professional Support for Apache MyFaces
2014-03-13 15:15 GMT+01:00 Dominik Obermaier <do...@gmail.com>:
> Hi,
>
> I'm struggling to integrate Deltaspikes Typesafe View Configs with my
> application.
>
> I have a login view and another view. I created a typesafe View Config
> like this:
>
> @Folder
> @View(navigation = View.NavigationMode.REDIRECT)
> public interface Pages extends ViewConfig {
>
> @View
> public class Login implements Pages {
>
> }
>
> @View()
> @Secured(value = CustomAccessDecisionVoter.class)
> public class Index implements Pages {
>
> }
>
>
> The my AccessDecisionVoter looks like this:
>
> .....
> @Override
> public Set<SecurityViolation> checkPermission(final
> AccessDecisionVoterContext accessDecisionVoterContext) {
> if (loggedIn) {
> return Collections.emptySet();
> }
> return Sets.newHashSet(new Violation());
> }
> .....
>
>
> Now I want to achieve the following and don't have a clue how to do this:
>
> 1. Redirect to Login if the user doesn't have the permission (= the
> AccessDecisionVoter returns SecurityViolations). At the moment I'm just
> getting a
>
>
> |org.apache.deltaspike.security.api.authorization.ErrorViewAwareAccessDeniedException|
>
>
> 2. How can I redirect to another page if the user is already logged in
> and the user navigates to the login view? Is this possible with the
> Typesave View Config?
>
>
> I hope these questions aren't classic Deltaspike beginner questions ;-).
> Honestly, I had a hard time finding useful information about Deltaspike
> via Google. Seems like there aren't that many people blogging about it :-)
>
> Thanks,
> Dominik
>
>