deltaspike-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gerhard Petracek <gerhard.petra...@gmail.com>
Subject Re: Security - Obtaining initially requested page for further redirect
Date Thu, 17 Jul 2014 12:40:50 GMT
hi werner,

you are very welcome to create a jira ticket (see [1]) for such an
improvement.
(if you also attach a simple demo-app, we could test a possible approach
easily.)

regards,
gerhard

[1] https://issues.apache.org/jira/browse/DELTASPIKE

http://www.irian.at

Your JSF/JavaEE powerhouse -
JavaEE Consulting, Development and
Courses in English and German

Professional Support for Apache MyFaces



2014-07-17 14:32 GMT+02:00 Werner Gaulke <werner@gaulke.net>:

> Hi Herhard,
>
> thanks for your feedback and your suggestion. Theoretically PicketLink has
> its own filter for authentication checks - but enabling this filter would
> duplicate the functionality provided by DS. Security configuration with
> help of the ViewConfig is much more convenient.
> While debugging I saw, that SecurityUtils is basically the point where the
> initially requested view is available and could be put into the
> AccessDecisionVoterContext.
>
> In the AccessDecisionVoter I have no way to obtain the initially requested
> view - at least without some sort of helper.
>
> I thought this would be a very convenient add-on for the security module.
> :)
>
> Best
> Werner
>
>
>
> -----Urspr√ľngliche Nachricht-----
> Von: Gerhard Petracek [mailto:gerhard.petracek@gmail.com]
> Gesendet: Donnerstag, 17. Juli 2014 13:10
> An: users@deltaspike.apache.org
> Betreff: Re: Security - Obtaining initially requested page for further
> redirect
>
> hi werner,
>
> thx for the feedback!
> that sounds more like a feature for picketlink or your own
> AccessDecisionVoter (you can cast AccessDecisionVoterContext to
> EditableAccessDecisionVoterContext and use #addMetaData)
>
> regards,
> gerhard
>
> http://www.irian.at
>
> Your JSF/JavaEE powerhouse -
> JavaEE Consulting, Development and
> Courses in English and German
>
> Professional Support for Apache MyFaces
>
>
>
> 2014-07-17 12:55 GMT+02:00 Werner Gaulke <werner@gaulke.net>:
>
> > Hi,
> >
> > I have a question regarding the DS-Security Module. I have
> > successfully integrated DS with PicketLink. I am using a custom
> > AccessDecisionVoter to integrate the PicketLink IDM to check for roles /
> access.
> > Redirect to Login and Logging-in works fine with that method. The use
> > of @Secured in the ViewConfig is a very elegant solution in my opinion.
> >
> > But I am struggling to redirect the user after the login to the
> > initially requested page. PicketLink generated a LoggedInEvent which
> > can be catched after login an redirect if the initially requested view
> > was somehow available.
> >
> > In my option the AccessDecisionVoterContext could store the initial
> > requested view root in it's meta-data set by the SecurityUtils.
> >
> >
> > What do you guys think? Has anyone a solution for this (in my opinion
> > very
> > common) problem?
> >
> > Best
> > Werner
> >
> >
> >
> >
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message