Return-Path: X-Original-To: apmail-deltaspike-commits-archive@www.apache.org Delivered-To: apmail-deltaspike-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 34C7311597 for ; Mon, 4 Aug 2014 16:43:13 +0000 (UTC) Received: (qmail 38505 invoked by uid 500); 4 Aug 2014 16:43:13 -0000 Delivered-To: apmail-deltaspike-commits-archive@deltaspike.apache.org Received: (qmail 38470 invoked by uid 500); 4 Aug 2014 16:43:13 -0000 Mailing-List: contact commits-help@deltaspike.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@deltaspike.apache.org Delivered-To: mailing list commits@deltaspike.apache.org Received: (qmail 38461 invoked by uid 99); 4 Aug 2014 16:43:13 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 04 Aug 2014 16:43:13 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 04 Aug 2014 16:43:12 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id 05FF62388F17 for ; Mon, 4 Aug 2014 16:42:52 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r918385 - in /websites/staging/deltaspike/trunk/content: ./ security.html Date: Mon, 04 Aug 2014 16:42:51 -0000 To: commits@deltaspike.apache.org From: buildbot@apache.org X-Mailer: svnmailer-1.0.9 Message-Id: <20140804164252.05FF62388F17@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: buildbot Date: Mon Aug 4 16:42:51 2014 New Revision: 918385 Log: Staging update by buildbot for deltaspike Modified: websites/staging/deltaspike/trunk/content/ (props changed) websites/staging/deltaspike/trunk/content/security.html Propchange: websites/staging/deltaspike/trunk/content/ ------------------------------------------------------------------------------ --- cms:source-revision (original) +++ cms:source-revision Mon Aug 4 16:42:51 2014 @@ -1 +1 @@ -1615661 +1615662 Modified: websites/staging/deltaspike/trunk/content/security.html ============================================================================== --- websites/staging/deltaspike/trunk/content/security.html (original) +++ websites/staging/deltaspike/trunk/content/security.html Mon Aug 4 16:42:51 2014 @@ -373,7 +373,7 @@ It's a basic hook to integrate a custom

Making intitially requested and secured page available for redirect after login

DeltaSpike can be combined with pure CDI or with any other security frameworks (like PicketLink) to track the denied page and make it available after user logs in.

CDI Implementation to redirect the login to the first denied page

-
    +

    • Your LoginService will fire a custom UserLoggedInEvent

      :::java @@ -440,10 +440,10 @@ public class AuthenticationListener {

      }

      • -
+

PicketLink Implementation to redirect the login to the first denied page

Once that PicketLink handles the authentication for you, you only need to store the denied page and observe PicketLink LoggedInEvent to redirect you back to the denied page.

-
    +

    • Use @SessionScoped or @WindowScoped for AdminAccessDecisionVoter and store the denied page on your own.

      :::java @@ -498,7 +498,7 @@ public class AuthenticationListener {

      }

      • -
+

AccessDecisionVoterContext

Because the AccessDecisionVoter can be chained, AccessDecisionVoterContext allows to get the current state as well as the results of the security check.

There are several methods that can be useful