[jira] [Created] (DELTASPIKE-1347) DeltaSpike Window Scope doesn't work with IE 11 sometimes
Udo Schnurpfeil created DELTASPIKE-1347:
---
Summary: DeltaSpike Window Scope doesn't work with IE 11 sometimes
Key: DELTASPIKE-1347
URL: https://issues.apache.org/jira/browse/DELTASPIKE-1347
Project: DeltaSpike
Issue Type: Bug
Affects Versions: 1.8.1
Reporter: Udo Schnurpfeil
I found a problem with the window id and *IE11*, described in TOBAGO-1901.
I've tested the example of deltaspike current version:
{code}
$ cd deltaspike/examples/jsf-playground
$ mvn clean package tomee:run -Prun-tomee-1.7.2
{code}
Browse with IE to:
{code}
http://10.211.55.2:8080/ds/views/windowhandling/clientwindow/test.xhtml
{code}
Clicking "GET Link", "Postback" or "Postback with outcome" will generate a new
window id, every click.
The bug doesn't happen, when opening the F12 tool, which make it tricky to
debug.
The bug doesn't happen, when adding the URL in the trusted sites configuration
of IE.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (DELTASPIKE-1347) DeltaSpike Window Scope doesn't work with IE 11 sometimes
[
https://issues.apache.org/jira/browse/DELTASPIKE-1347?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16489003#comment-16489003
]
Thomas Andraschko commented on DELTASPIKE-1347:
---
A deeper analysis or patch would be great. The code should be very well
commented.
> DeltaSpike Window Scope doesn't work with IE 11 sometimes
> -
>
> Key: DELTASPIKE-1347
> URL: https://issues.apache.org/jira/browse/DELTASPIKE-1347
> Project: DeltaSpike
> Issue Type: Bug
>Affects Versions: 1.8.1
>Reporter: Udo Schnurpfeil
>Priority: Minor
>
> I found a problem with the window id and *IE11*, described in TOBAGO-1901.
> I've tested the example of deltaspike current version:
> {code}
> $ cd deltaspike/examples/jsf-playground
> $ mvn clean package tomee:run -Prun-tomee-1.7.2
> {code}
> Browse with IE to:
> {code}
> http://10.211.55.2:8080/ds/views/windowhandling/clientwindow/test.xhtml
> {code}
> Clicking "GET Link", "Postback" or "Postback with outcome" will generate a
> new window id, every click.
> The bug doesn't happen, when opening the F12 tool, which make it tricky to
> debug.
> The bug doesn't happen, when adding the URL in the trusted sites
> configuration of IE.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (DELTASPIKE-1347) DeltaSpike Window Scope doesn't work with IE 11 sometimes
[
https://issues.apache.org/jira/browse/DELTASPIKE-1347?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16489165#comment-16489165
]
Udo Schnurpfeil commented on DELTASPIKE-1347:
-
Found the problem with Windows 10, not with Windows 7.
> DeltaSpike Window Scope doesn't work with IE 11 sometimes
> -
>
> Key: DELTASPIKE-1347
> URL: https://issues.apache.org/jira/browse/DELTASPIKE-1347
> Project: DeltaSpike
> Issue Type: Bug
>Affects Versions: 1.8.1
>Reporter: Udo Schnurpfeil
>Priority: Minor
>
> I found a problem with the window id and *IE11*, described in TOBAGO-1901.
> I've tested the example of deltaspike current version:
> {code}
> $ cd deltaspike/examples/jsf-playground
> $ mvn clean package tomee:run -Prun-tomee-1.7.2
> {code}
> Browse with IE to:
> {code}
> http://10.211.55.2:8080/ds/views/windowhandling/clientwindow/test.xhtml
> {code}
> Clicking "GET Link", "Postback" or "Postback with outcome" will generate a
> new window id, every click.
> The bug doesn't happen, when opening the F12 tool, which make it tricky to
> debug.
> The bug doesn't happen, when adding the URL in the trusted sites
> configuration of IE.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (DELTASPIKE-1345) Support JavaEE Security annotation
[
https://issues.apache.org/jira/browse/DELTASPIKE-1345?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16489571#comment-16489571
]
Gerhard Petracek commented on DELTASPIKE-1345:
--
[~princemtl]:
i've prototyped a cdi-role-bridge (as ds-addon) at
https://github.com/os890/ds-role-bridge-addon
it supports @DenyAll, @PermitAll, @RolesAllowed and @RunAs and works without an
additional api (and without mandatory config).
the demo-app (based on meecrowave) allows to check different
role-constellations (at runtime).
i also tested it in combination with ejbs (a corresponding demo-app might
follow).
the addon is based on cdi 1.2 (+ ds 1.x) and for sure it requires
javax.annotation-api.
for ds we could get over #1 (with the same workarounds we use already to
support v1.1+).
however, #2 would mean to use a significant amount of reflection or we provide
a separated authentication-impl-module.
> Support JavaEE Security annotation
> --
>
> Key: DELTASPIKE-1345
> URL: https://issues.apache.org/jira/browse/DELTASPIKE-1345
> Project: DeltaSpike
> Issue Type: New Feature
> Components: Security-Module
>Reporter: Jonathan Laterreur
>Assignee: Gerhard Petracek
>Priority: Minor
>
> Deltaspike should take care of the standard JavaEE security annotation.
> {code:java}
> @RolesAllowed
> @PermitAll
> @DenyAll
> {code}
> Maybe a default interceptor should do the job.
> I did something like this (does not covers everything)
> {code:java}
> @Interceptor
> @RolesSecured
> public class RolesSecuredInterceptor {
> private static final Logger LOGGER =
> LoggerFactory.getLogger(RolesSecuredInterceptor.class);
> @Inject
> private HttpServletRequest request;
> @AroundInvoke
> public Object intercept(InvocationContext ctx) throws Exception {
> boolean allowed = ctx.getMethod().getAnnotation(PermitAll.class) !=
> null;
> if (!allowed) {
> RolesAllowed rolesAllowed =
> ctx.getMethod().getAnnotation(RolesAllowed.class);
> if (rolesAllowed != null) {
> allowed = verifyRolesAllowed(rolesAllowed);
> }
> if (!allowed) {
> allowed =
> ctx.getMethod().getDeclaringClass().getAnnotation(PermitAll.class) != null;
> if (!allowed) {
> rolesAllowed =
> ctx.getMethod().getDeclaringClass().getAnnotation(RolesAllowed.class);
> if (rolesAllowed != null) {
> allowed = verifyRolesAllowed(rolesAllowed);
> } else {
> allowed = true;
> }
> }
> }
> }
> if (!allowed) {
> LOGGER.error("Utilisateur « {} » ne possede pas les droits pour
> appeler cette fonction « {} »", request.getUserPrincipal() != null ?
> request.getUserPrincipal().getName() : "anonyme",
> ctx.getMethod().getName());
> throw new SecurityException("Ne possede pas les droits pour
> appeler ce bean CDI");
> }
> return ctx.proceed();
> }
> private boolean verifyRolesAllowed(RolesAllowed rolesAllowed) {
> boolean allowed = false;
> if (request.getUserPrincipal() != null) {
> String[] roles = rolesAllowed.value();
> for (String role : roles) {
> allowed = request.isUserInRole(role);
> if (allowed) {
> break;
> }
> }
> }
> return allowed;
> }
> }
> {code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Assigned] (DELTASPIKE-1347) DeltaSpike Window Scope doesn't work with IE 11 sometimes
[
https://issues.apache.org/jira/browse/DELTASPIKE-1347?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Gerhard Petracek reassigned DELTASPIKE-1347:
Assignee: Thomas Andraschko
> DeltaSpike Window Scope doesn't work with IE 11 sometimes
> -
>
> Key: DELTASPIKE-1347
> URL: https://issues.apache.org/jira/browse/DELTASPIKE-1347
> Project: DeltaSpike
> Issue Type: Bug
>Affects Versions: 1.8.1
>Reporter: Udo Schnurpfeil
>Assignee: Thomas Andraschko
>Priority: Minor
>
> I found a problem with the window id and *IE11*, described in TOBAGO-1901.
> I've tested the example of deltaspike current version:
> {code}
> $ cd deltaspike/examples/jsf-playground
> $ mvn clean package tomee:run -Prun-tomee-1.7.2
> {code}
> Browse with IE to:
> {code}
> http://10.211.55.2:8080/ds/views/windowhandling/clientwindow/test.xhtml
> {code}
> Clicking "GET Link", "Postback" or "Postback with outcome" will generate a
> new window id, every click.
> The bug doesn't happen, when opening the F12 tool, which make it tricky to
> debug.
> The bug doesn't happen, when adding the URL in the trusted sites
> configuration of IE.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (DELTASPIKE-1345) Support JavaEE Security annotation
[
https://issues.apache.org/jira/browse/DELTASPIKE-1345?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16490125#comment-16490125
]
Jonathan Laterreur commented on DELTASPIKE-1345:
[~gpetracek]
Awesome! Nice work. I think you covered all the spec. The only thing that you
can't do is related to the RunAs annotation. RunAs can also be a user (I
think... as I remember... it's something not really clear by the spec). Maybe
it's just that we need to target a user if we have many users with the role.
I don't understand what is #1 and #2 for ds.
> Support JavaEE Security annotation
> --
>
> Key: DELTASPIKE-1345
> URL: https://issues.apache.org/jira/browse/DELTASPIKE-1345
> Project: DeltaSpike
> Issue Type: New Feature
> Components: Security-Module
>Reporter: Jonathan Laterreur
>Assignee: Gerhard Petracek
>Priority: Minor
>
> Deltaspike should take care of the standard JavaEE security annotation.
> {code:java}
> @RolesAllowed
> @PermitAll
> @DenyAll
> {code}
> Maybe a default interceptor should do the job.
> I did something like this (does not covers everything)
> {code:java}
> @Interceptor
> @RolesSecured
> public class RolesSecuredInterceptor {
> private static final Logger LOGGER =
> LoggerFactory.getLogger(RolesSecuredInterceptor.class);
> @Inject
> private HttpServletRequest request;
> @AroundInvoke
> public Object intercept(InvocationContext ctx) throws Exception {
> boolean allowed = ctx.getMethod().getAnnotation(PermitAll.class) !=
> null;
> if (!allowed) {
> RolesAllowed rolesAllowed =
> ctx.getMethod().getAnnotation(RolesAllowed.class);
> if (rolesAllowed != null) {
> allowed = verifyRolesAllowed(rolesAllowed);
> }
> if (!allowed) {
> allowed =
> ctx.getMethod().getDeclaringClass().getAnnotation(PermitAll.class) != null;
> if (!allowed) {
> rolesAllowed =
> ctx.getMethod().getDeclaringClass().getAnnotation(RolesAllowed.class);
> if (rolesAllowed != null) {
> allowed = verifyRolesAllowed(rolesAllowed);
> } else {
> allowed = true;
> }
> }
> }
> }
> if (!allowed) {
> LOGGER.error("Utilisateur « {} » ne possede pas les droits pour
> appeler cette fonction « {} »", request.getUserPrincipal() != null ?
> request.getUserPrincipal().getName() : "anonyme",
> ctx.getMethod().getName());
> throw new SecurityException("Ne possede pas les droits pour
> appeler ce bean CDI");
> }
> return ctx.proceed();
> }
> private boolean verifyRolesAllowed(RolesAllowed rolesAllowed) {
> boolean allowed = false;
> if (request.getUserPrincipal() != null) {
> String[] roles = rolesAllowed.value();
> for (String role : roles) {
> allowed = request.isUserInRole(role);
> if (allowed) {
> break;
> }
> }
> }
> return allowed;
> }
> }
> {code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (DELTASPIKE-1257) Research why BOM isn't working right in a release
[ https://issues.apache.org/jira/browse/DELTASPIKE-1257?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16490310#comment-16490310 ] Jörg Sesterhenn commented on DELTASPIKE-1257: - So, did it work? When will 1.8.2 be available? > Research why BOM isn't working right in a release > - > > Key: DELTASPIKE-1257 > URL: https://issues.apache.org/jira/browse/DELTASPIKE-1257 > Project: DeltaSpike > Issue Type: Task >Affects Versions: 1.8.0 >Reporter: John D. Ament >Assignee: John D. Ament >Priority: Major > Fix For: 1.8.2 > > > https://lists.apache.org/thread.html/655162d82786d1201c2b33a20d82db8a36a642d0d9afc20042584b0d@%3Cdev.deltaspike.apache.org%3E > Something causes the release to work incorrectly with the BOM not inheriting > from DS parent. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
