Hi, I've encountered quite strange Seam behavior in my project. I setup security framework and it works great for restricting access to mehods (in EJB) and to UI elements (in *.xhtml with s:hasRole). All security exceptions redirected to default security page. Now I setup page security in page.xml:
| <page view-id="/page1.xhtml" login-required="true"> | <restrict>#{s:hasRole('admin')}</restrict> | </page> | Access to this page granted although I see AuthorizationException in log file. If I redefine default exception page: | <exception class="org.jboss.seam.security.AuthorizationException"> | <end-conversation/> | <redirect view-id="/error.xhtml"> | <message severity="WARN">Access denied</message> | </redirect> | </exception> | Than access to page1 restricted and I redirected to error.xhtml. Did I miss something and exception page definition is mandatory for security configuration in page.xml? My environment is glassfish-v2 and jboss-seam 2.0. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4097380#4097380 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4097380 _______________________________________________ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user