deltaspike-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Karl Kildén <karl.kil...@gmail.com>
Subject Re: Question about @Secured integration with type safe navigation
Date Sat, 15 Feb 2014 14:37:38 GMT
Thanks guys

My apologies for not testing enough before asking ;)




On 15 February 2014 15:22, Gerhard Petracek <gerhard.petracek@gmail.com>wrote:

> once jsf handles the request, it should work.
> (for sure you need your custom AccessDecisionVoter + the corresponding
> view-config. please have a look at [1].)
>
> regards,
> gerhard
>
> [1] http://deltaspike.apache.org/jsf.html#security-integration-via-secured
>
> http://www.irian.at
>
> Your JSF/JavaEE powerhouse -
> JavaEE Consulting, Development and
> Courses in English and German
>
> Professional Support for Apache MyFaces
>
>
>
> 2014-02-15 15:15 GMT+01:00 Thomas Andraschko <andraschko.thomas@gmail.com
> >:
>
> > AFAIR it worked fine in CODI.
> >
> > @Gerhard: Any reason why it don't work in DS?
> >
> >
> > 2014-02-15 15:11 GMT+01:00 Karl Kildén <karl.kilden@gmail.com>:
> >
> > > Hello,
> > >
> > > If a user simply types in /secured/admin.xhtml in the browser the
> > @Secured
> > > annotation will not help, right? As far as I understand it's it only
> > > triggers the AccessDecisionVoter when you actually navigate with JSF...
> > > So I would still need to define a @WebFilter to secure my application.
> > >
> > > Now, the effect would that a secured request will be secured twice,
> once
> > by
> > > the filter and once by my AccessDecisionVoter and I didn't really
> > > accomplish much by using the AccessDecisionVoter? I feel like I am
> > missing
> > > something.
> > >
> > > cheers
> > >
> >
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message