[jboss-user] [JBoss Seam] - Re: Seam Security - NotLoggedInException
http://jira.jboss.com/jira/browse/JBSEAM-2071 In light of the number of votes it has I scheduled it as a critical issue for 2.0.2 View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4117608#4117608 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4117608 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security - NotLoggedInException
I see I've already asked for this before - thanks for the update. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4117627#4117627 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4117627 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security - add a permission to Identity
[EMAIL PROTECTED] wrote : I'm currently working on some extensions to the security API, one of these will be ACL security which will allow you to assign instance-based permissions to users. When will be released? Is there any workaround for the 2.0.0 version? I need this in the current project. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4111533#4111533 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4111533 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security - add a permission to Identity
It should be available in CVS sometime next month. The workaround is to extend Identity yourself with the functionality that you need, although I don't imagine that this is trivial. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4111686#4111686 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4111686 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security - add a permission to Identity
I'm currently working on some extensions to the security API, one of these will be ACL security which will allow you to assign instance-based permissions to users. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4111498#4111498 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4111498 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security - add a permission to Identity
[EMAIL PROTECTED] wrote : There's currently nothing built into Seam to allow something like this. What do you suggest while Seam does not have such feature? Is there some plan to support that in the future? View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4111358#4111358 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4111358 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security - add a permission to Identity
There's currently nothing built into Seam to allow something like this. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4111353#4111353 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4111353 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security / identity.logout
On further research I found this. http://jira.jboss.org/jira/browse/JBSEAM-2165 It has been fixed in the new release. Thanks !!! View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4111045#4111045 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4111045 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security / identity.logout
You explained it the right way - as I said there is no guarantee that your authenticate method (loginBean.login) will only be called once by Seam's security API. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4109516#4109516 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4109516 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security / identity.logout
I think I put it the wrong way. What I meant to say is i have mapped | security:identity authenticate-method=#{loginBean.login}/ | and the loginBean.login method is something like | public boolean login(){ | boolean succeeded = loginAction.login(); | return succeeded; | } | so this method is called twice when succeeded = false and is called just once when suceeded = true so when i debugged i see that Identity class's authenticate method is getting called twice. Why is trying to call loginBean.login again??? View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4109413#4109413 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4109413 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security / identity.logout
Thanks Shane. I see one more behavior When i provide the wrong username or password, my configured login method is being called twice. On debugging I see that the method authenticate of Identity class | public void authenticate() | throws LoginException |{ | // If we're already authenticated, then don't authenticate again | if (!isLoggedIn()) | { | authenticate( getLoginContext() ); | } |} | is getting called again when my login fails. And once more it runs through my login method and completes. I am returning true on sucessful login and false on failure and I am checking #{identity.loggedIn} in my pages.xml file. But that is getting called at the very end which is correct, but I can't understand why authenticate is called once again when the login returns false. Any thoughts about this would be really helpful as there is a whole lot of code going inside my login and I dont want it to be called unnecessarily. Thanks ! View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4109028#4109028 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4109028 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security / identity.logout
This is normal also - there is no guarantee as to how many times your authenticate method is called. If you need to perform certain actions when authentication is successful then use an event. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4109073#4109073 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4109073 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security / identity.logout
Write an event observer for org.jboss.seam.loggedOut, this event is raised when Identity.logout() is called. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4108686#4108686 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4108686 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security / identity.logout
Thanks, it worked. I had another question too... I am configuring my identity.login to loginBean.login and my loginBean class is like | import org.jboss.seam.annotations.In; | import org.jboss.seam.annotations.Name; | | @Name(loginBean) | public class LoginBean { | | @In(#{identity.username}) | private String username; | | @In(#{identity.password}) | private String password; | | public boolean login() { | //login code here | return true; | } | | public void logout(){ | //logout code here | } | | } | | ?xml version=1.0 encoding=UTF-8? | components xmlns=http://jboss.com/products/seam/components; | xmlns:core=http://jboss.com/products/seam/core; | xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance; | xsi:schemaLocation= | http://jboss.com/products/seam/core http://jboss.com/products/seam/core-2.0.xsd | http://jboss.com/products/seam/components http://jboss.com/products/seam/components-2.0.xsd; | | security:identity authenticate-method=#{loginBean.login}/ | | event type=org.jboss.seam.loggedOut | action execute=#{loginBean.logout}/ | /event | | /components | I am getting @In required exception during logout only for password field. identity.username is still there and its not complaining. Just wanted to double check if this is the normal behavior that identity.password will be flushed out once the user is authenticated while the username remains. Or am I missing something. Is it because the username is stored in the cookie. Please advice. Thanks ! View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4108730#4108730 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4108730 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security / identity.logout
That is normal behaviour. The password is cleared after successful authentication. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4108750#4108750 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4108750 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security Richfaces (a4j) form problem
You need something like http://jira.jboss.org/jira/browse/JBSEAM-1893 which I added to Seam today ;) View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4105859#4105859 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4105859 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security Richfaces (a4j) form problem
Yeah.. this exactly what I need :) I hope.. it will be working with ajax4jsf. Thank you for answer. I'm waiting for Seam 2.0.1.. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4105861#4105861 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4105861 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam, security and session
[EMAIL PROTECTED] wrote : Use a page action on /home.xhtml to check login and issue a redirect using FacesManager if they are. Can u explain, or target me? page actions (u mean pages.xml) and u also write about FacesManager, but that 2 different ways. I think better way maybe is in pages.xml but don't know how. Can U show me example? View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4105424#4105424 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4105424 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam, security and session
I done as u said, but page doesn't work properly. All app properties names are not visible and other stuff. anonymous wrote : | #{messages['login.portal']} | #{messages['login.login']} | Here is my code | page view-id=/home.xhtml | action execute=#{sessionAction.redirectIfLoggedIn} / | /page | anonymous wrote : | public void redirectIfLoggedIn() { |try { | if (identity.isLoggedIn()) { | facesContext.getExternalContext().redirect(/mlm/pages/system.xhtml); | | } else { | facesContext.getExternalContext().redirect(/mlm/home.xhtml); | | } | } catch (Exception e) { } | } | View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4105467#4105467 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4105467 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam, security and session
Use a page action on /home.xhtml to check login and issue a redirect using FacesManager if they are. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4105372#4105372 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4105372 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam, security and session
page view-id=/home.xhtml | action execute=#{controller.redirectIfLoggedIn} public void redirectIfLoggedIn() { |// If logged in |FacesManager.instance().redirect(/secure/home.xhtml); View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4105428#4105428 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4105428 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam, security and session
No you haven't, I used FacesManager. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4105477#4105477 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4105477 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security LDAP support
JBoss SSO supports LDAP http://jira.jboss.com/jira/browse/JBSEAM-1032 View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4099045#4099045 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4099045 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security LDAP support
If you're using JBoss AS then there's already an LDAP login module you can use, org.jboss.security.auth.spi.LdapLoginModule. You just need to configure Seam Security to use a configuration with this login module. The security chapter of the documentation should explain how to do this, however if you have problems please let me know. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4099093#4099093 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4099093 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security LDAP support
OK thanks Shane. I just thought that Seam would support LDAP directly instead of tightly coupling to appserver. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4099105#4099105 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4099105 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: seam security and Restful parameters
If you have any tips on the problem stated above please give me a hint because I couldn't find any possible solutions. Thanks in advance View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4097396#4097396 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4097396 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security
You can use whatever you like. In my app when a user logs in my authenticate method loads their roles from a database and puts them in the Identity object. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4070411#4070411 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4070411 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security working in Facelets but not via annotation
Okay, that makes sense. Thanks for the speedy response. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4069899#4069899 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4069899 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security working in Facelets but not via annotation
How are you accessing the tryRulesEngine() method? View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4069855#4069855 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4069855 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security working in Facelets but not via annotation
A Facelet is referencing the name property of the authenticator, as follows: h2name = #{authenticator.name}/h2 View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4069864#4069864 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4069864 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security working in Facelets but not via annotation
I've now tried invoking the tryRulesEngine() from a command button (rather than via the property accessor) and it works. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4069868#4069868 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4069868 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security working in Facelets but not via annotation
That's correct behaviour. Seam Security is used to secure action methods, not properties. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4069880#4069880 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4069880 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security user session...
Yes Shane, I do like you offer, this is easies way:) I simply remove login form and add logout button. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4068124#4068124 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4068124 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security user session...
You can use the identity object to check if the user is logged in, get the user name, etc. There is a method on identity to log out. Within your JSF page you can simply refer to #{identity.username} and in your code you can do @In Identity identity; (org.jboss.seam.security.Identity). There are many examples of how this works in the seam examples. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4068025#4068025 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4068025 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security user session...
In general, I would just restrict the way the client interface is built to not display a login form if the user is already logged in. The seamspace (and other examples) do this already, take a look at template.xhtml and home.xhtml in seamspace. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4068076#4068076 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4068076 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security with drools logging not working
In seam 1.2.1 in RuleBase.java there is the following code: packageDescr = new DrlParser().parse(drlReader); It never checks to see if the parser had any errors and therefore does not log them. Even worse, DrlParser is not a local variable to even have a look at using a debugger, and the Drools code from JBoss doesn't have line numbers enabled for debugging. Unless I am missing something, it doesn't look like there is any way to get error messages from the rules engine for compiler rules. Is that true? View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4057056#4057056 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4057056 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security with drools logging not working
OK, I added logging of errors to CVS, please try it out, I dont have time today. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4057060#4057060 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4057060 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security with drools logging not working
Gavin, I am no longer sure if this is a seam problem after all, but a problem with drools. In rules 3.0.6 (the only source I could get my hands on), The Rule.isValid() has: if ( this.consequence == null || !isSemanticallyValid() ) { but nowhere in the code is the consequence set, so it is always null, and thus always invalid. The only time setConsequence is called is from PackageCompilationData from reload() and write(String, byte[]). These are only called by AbstractRuleBase.mergePackage(Package, Package) and PackageStore.write(String, byte[]) I am not familiar with drools, but does anyone have an idea, or is this indeed a bug in drools 3.0.6? View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4057066#4057066 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4057066 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security with drools logging not working
Okay, found the issue. I used maven to build my war, and I built the dependencies that pulled the jars from maven central. It appears those are incompatible with the Seam setup. What I had from maven: commons-jci-core-1.0.jar commons-jci-janino-1.0.jar drools-compiler-3.0.5.jar drools-core-3.0.5.jar If I install into maven the jars from seam 1.2.1: commons-jci-core-1.0-406301.jar commons-jci-janino-2.4.3.jar drools-compiler-3.0.5.jar drools-core-3.0.5.jar It works. Sorry for the rabbit trail. Hopefully at one point all the seam jars will be hosted on maven with a seam archetype. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4057072#4057072 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4057072 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security problem
You need to disable directory browsing in your web container. Keep in mind that an entry in pages.xml ONLY protects resources that go through Faces Servlet. It will not protect resources on the server (directory listings/static files) that aren't served through it. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4055069#4055069 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4055069 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security problem
You need to disable directory browsing in your web container. Keep in mind that an entry in pages.xml ONLY protects resources that go through Faces Servlet. It will not protect resources on the server (directory listings/static files) that aren't served through it. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4055069#4055069 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4055069 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security problem
You need to disable directory browsing in your web container. Keep in mind that an entry in pages.xml ONLY protects resources that go through Faces Servlet. It will not protect resources on the server (directory listings/static files) that aren't served through it. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4055070#4055070 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4055070 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security question, in vpn environment
Add a page action to /admin/* check the ip. You can get via the facesContext. Regards Felix View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4048840#4048840 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4048840 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security question, in vpn environment
Great. It works. Thanks a lot. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4048844#4048844 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4048844 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security Problem
Thanks, but i have packed the seam.properties into the root of jar... Yesterday evening I recreated my workspace with a seam-gen. I know it's a workaround... Would you like to at the source of the old project? View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4041359#4041359 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4041359 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security Problem
From the log it looks like component test cannot be found. When your app starts up, is it listed among the other components? Do you have a seam.properties in your jar file? View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4041266#4041266 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4041266 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security: isUserInRole() expression
So, this documentation in Seam is wrong? http://docs.jboss.com/seam/1.2.1.GA/reference/en/html/components.html anonymous wrote : | org.jboss.seam.core.isUserInRole | | Allows JSF pages to choose to render a control, depending upon the roles available to the current principal. h:commandButton value=edit rendered=#{isUserInRole['admin']}/. | | View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4037649#4037649 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4037649 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security: isUserInRole() expression
From my experience (and from this posting) this code does not work on the frontend. The documentation is incorrect. Allows JSF pages to choose to render a control, depending upon the roles available to the current principal. h:commandButton value=edit rendered=#{isUserInRole['admin']}/. you have to use (this does works) rendered=#{s:hasRole('admin')} View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4037720#4037720 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4037720 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security: isUserInRole() expression
[EMAIL PROTECTED] wrote : So, this documentation in Seam is wrong? | | http://docs.jboss.com/seam/1.2.1.GA/reference/en/html/components.html | The isUserInRole that was originally built into Seam is based on servlet security (and still is). In this regard the documentation is technically correct, however if you are using Seam security then you have to use s:hasRole. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4037757#4037757 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4037757 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security: isUserInRole() expression
Shane, This is working. The problem was with the SeamFaceletViewHandler. It is required to do the Seam Security using s:hasRole('admin'). That was documented. It appears to require a different format for the JSP pages as follows: ( it likes the jsp:root format ) ?xml version=1.0? | jsp:root xmlns:jsp=http://java.sun.com/JSP/Page; | xmlns:h=http://java.sun.com/jsf/html; | xmlns:f=http://java.sun.com/jsf/core; | xmlns:s=http://jboss.com/products/seam/taglib; | xmlns=http://www.w3.org/1999/xhtml; | version=2.0 | jsp:output doctype-root-element=html | doctype-public=-//W3C//DTD XHTML 1.0 Transitional//EN | doctype-system=http://www.w3c.org/TR/xhtml1/DTD/xhtml1-transitional.dtd/ | jsp:directive.page contentType=text/html/ | html | previously it was: %@ taglib uri=http://java.sun.com/jsf/html; prefix=h % | %@ taglib uri=http://java.sun.com/jsf/core; prefix=f % | %@ taglib uri=http://jboss.com/products/seam/taglib; prefix=s % | %@ taglib uri=http://jboss.com/products/seam/entityconverter/taglib; prefix=ec% | | !DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Strict//EN http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd; | html xmlns=http://www.w3.org/1999/xhtml; xml:lang=en lang=en | View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4036407#4036407 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4036407 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security: isUserInRole() expression
Use s:hasRole('admin') instead. isUserInRole is a servlet feature, and isn't currently integrated with Seam security. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4036171#4036171 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4036171 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security Question - Tomcat Valve
I need SSO with other old struts application on same server. With this class SSO authentication works, but authorization #{s:hasRole('admin')} don't :-( @Name(org.jboss.seam.security.identity) @Scope(SESSION) @Install(precedence = Install.APPLICATION) @Intercept(NEVER) @Startup public class MyIdentity extends Identity { @Override public Principal getPrincipal() { Principal currentUser = ((HttpServletRequest) FacesContext.getCurrentInstance().getExternalContext() .getRequest()).getUserPrincipal(); return currentUser; } } View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4033777#4033777 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4033777 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security Question - Tomcat Valve
The problem is that the Seam security model is tightly coupled to a JAAS model of security - i.e. the Subject class and friends. With CAS and our custom Tomcat Valve, the servlet container associates/manages a copy of the authenticated Principal (a.k.a. userPrincipal in Seam) with the HttpServletRequest and in the Valve, it's possible for us to make isUserInRole() work as expected as well. It would be ideal for us if Seam allowed us to provide or override the Principal and roles for a user (and even permissions too but we're not using permissions directly) to the Identity component. I would be reluctant to use the approach you show in the previous post because that's sure to be outdated or broken with any future release of Spring - especially since there are JIRA task(s) for the Identity component now. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4033813#4033813 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4033813 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security adds default messages
You can easily override the built-in Identity component to do whatever you like, eg. stub out the addLoginSuccessfulMessage() method. This is one of the nice things about Seam built-in components. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4031862#4031862 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4031862 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security adds default messages
fernando_jmt wrote : The messages you should add to your .properties file are | | org.jboss.seam.loginSuccessful = Welcome, #0 | | and | | org.jboss.seam.loginFailed = Login failed | | | In case of login fails it is natural to add the message (which I can configure as I want), but in the case of the login is successfully not all cases it is required to add a success message. | | Is there a way in order to turn off the success message? | | I am using a custom resource bundle (not the jsf style resource bundle) because of the requirements of our multi-language application. In that case what you recommended may not apply. I tried setting my own message as shown below but got my own message and the default message (Login failed) displayed as error messages. The result tells me that you set the error message only after the authenticate() method returns false. Error messages displayed: * Invalid username or password * Login failed in that order. public boolean authenticate(){ try { user = (TsUsersEntityBean) em.createQuery(from TsUsersEntityBean where userLoginId = :username) .setParameter(username, identity.getUsername()) .getSingleResult(); }catch (NoResultException ex){ FacesMessages.instance().add(Invalid username or password); return false; } To make the error handling more generic, I am recommending that you have methods that return and set the various messages. Your indentity class might be the appropriate class to add the methods - similar to Identity.addRole(String) method. Hence, one can then set the appropriate message based on your specified key. For example: Identity.setLoginError(org.jboss.seam.loginFailed, Invalid username or password); The message set could be in any locale. In your own code(seam code) if the user authenticate method returns false, you can then call Identity.getLoginError(org.jboss.seam.loginFailed), if it returns null then set it to Login failed otherwise use the returned value. Do a similar thing for all the other messages related to authentication (login). Doing so will make your authentication method usable by any locale. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4031392#4031392 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4031392 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security adds default messages
Please create a JIRA issue to add these message keys to the docs. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4030408#4030408 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4030408 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security with JAAS config
I am having exactly the same problems in that I am porting a Seam application that was working with JAAS FORM authentication to use the new Seam security code: anonymous wrote : Seam Security only uses JAAS for authentication, not for authorization. I'm guessing that your action is protected with some container security mechanism, rather than the authorization features provided by Seam? | Is it possible to get Seam Security to work with existing JAAS components for authorization as well? (Is this even planned?) Let me explain... For security reasons I have explicitly secured ALL my EJBs with container security annotations. This is because they may be invoked from sources other than just the seam web interface (e.g. web services, remote mbean connections, etc). To do this, I mark all my business logic with annotations like: @Stateless | @SecurityDomain(myapp) | @RolesAllowed({AppUser,AppSystem,AppAdmin}) Previously, I was using the standard Tomcat JAAS FORM authentication support (using security-constraint and login-config in web.xml), which I believe was responsible for injecting the currently authenticated user into the session, so when my authenticated Seam session made calls on EJBs, everything just worked. In fact, I was even able to get the current logged-in JAAS user from my EJB code by calling SessionContext.getCallerPrincipal(). Since I am now longer using Tomcat to do this, is it possible to get Seam to inject the JAAS principal into the session context so authenticated calls to EJB methods still work? I do not know enough about the internal workings of this stuff, but would it not be the responsibility of the SeamListener to inject the JAAS context accordingly? Thanks, Scott View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4029658#4029658 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4029658 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security with JAAS config
We've got a number of outstanding JIRA issues to address this, see the following container task for details: http://jira.jboss.com/jira/browse/SECURITY-38 View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4029673#4029673 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4029673 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security with JAAS config
Yes, you are correct; there is a mechanism protecting the calls. Up until now, I had been using the FORM method to authenticate with a login servlet. Once authenticated, this authorization mechanism works properly. I wanted to add and use the Seam Identity to do role-based page-level authorzation, and for conditional rendering in my facelets, while keeping the old authorization mechanism for methods. I though that the JAAS authentication would behave the same way, if I specified a jass-config-name in components.xml. I.e., like the call I see in FormAuthenticator: | ... | principal = context.getRealm().authenticate(username,password); | It doesn't appear that the Identity authenticates the way FormAuthenticator did. I guess this is design intent. Since it doesn't, I though I could make this call myself, in an authenticate-method, something like: | public class Authenticator { |public boolean authenticate() { | |Realm realm = ??? |p = realm.authenticate(identity.getUsername(),identity.getPassword()); |... |return true; | } | Then, if it was OK, I would populate the identity with the user's roles return true. But I can't figure out how the get ahold of the/a Realm instance. I see that the FormAuthenticator gets it from the context, which comes from the request. Is this workable, or am I missing something obvious? I am a bit of a novice with JAAS have to admit it is a bit confusing at times. A dumpstack for My old FORM method authentication. ( I looked at these sources to see how a successful authentication is/was done. ) | at java.lang.Thread.dumpStack(Thread.java:1158) | at centina.sa.server.security.SecurityManager.completeLogin(SecurityManager.java:507) | at centina.sa.server.security.SecurityManagerLoginModule.commit(SecurityManagerLoginModule.java:181) | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) | at java.lang.reflect.Method.invoke(Method.java:585) | at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769) | at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) | at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) | at java.security.AccessController.doPrivileged(Native Method) | at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) | at javax.security.auth.login.LoginContext.login(LoginContext.java:580) Above called at (579) | at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:601) | at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:535) | at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:344) | at org.jboss.web.tomcat.security.JBossSecurityMgrRealm.authenticate(JBossSecurityMgrRealm.java:491) | at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:257) | at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:416) | at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74) | at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126) | at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) | at org.jboss.web.tomcat.tc5.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:156) | at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107) | at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) | at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869) | at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664) | at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527) | at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112) | at java.lang.Thread.run(Thread.java:595) | View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4024561#4024561 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4024561 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security Question - Tomcat Valve
I don't think it would be too hard for Seam Security to authenticate against a Tomcat realm - if you create a JIRA issue for this and assign it to me I'll add this functionality when I get a chance. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4024387#4024387 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4024387 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security Question - Tomcat Valve
I create issue http://jira.jboss.com/jira/browse/JBSEAM-967. Note that what I'm really asking at the moment, is for away to establish an Identity that uses the HttpServletRequest to obtain the Principal, and check roles. Thanks, Brad Smith View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4024400#4024400 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4024400 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security with JAAS config
Seam Security only uses JAAS for authentication, not for authorization. I'm guessing that your action is protected with some container security mechanism, rather than the authorization features provided by Seam? View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4024523#4024523 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4024523 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security question
identity.logout() calls Seam.invalidateSession() itself, no need to call it separately. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4023277#4023277 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4023277 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security question
Thanks for the quick response Shane! View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4023280#4023280 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4023280 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security and ICEFaces
I have security configuration using Seam 1.1.6GA with ICEFaces 1.5.3. I only have one know issue (also reported in both forums. When I want to logout I get exceptions. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4019127#4019127 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4019127 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security and ICEFaces
Can I take a look at your web.xml and faces-config.xml I'm suspecting it doesn't work because of the configuration and perhaps also the ICEFaces library. I can not even login using the latest Seam security feature with ICEFaces Thanks in advance View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4019139#4019139 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4019139 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security and ICEFaces
My faces-config.xml: | faces-config | application | message-bundlemessages/message-bundle | view-handlercom.icesoft.faces.facelets.D2DSeamFaceletViewHandler/view-handler | variable-resolverorg.jboss.seam.jsf.SeamVariableResolver/variable-resolver | /application | !-- Seam extended transaction management -- | lifecycle | phase-listenerorg.jboss.seam.jsf.SeamExtendedManagedPersistencePhaseListener/phase-listener | /lifecycle | | /faces-config | My web.xhml: | web-app xmlns=http://java.sun.com/xml/ns/j2ee; | xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance; | xsi:schemaLocation=http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd; | version=2.4 | | | | | context-param | param-namejavax.faces.STATE_SAVING_METHOD/param-name | param-valueclient/param-value | /context-param | | context-param | param-namefacelets.DEVELOPMENT/param-name | param-valuetrue/param-value | /context-param | | | | context-param | param-namejavax.faces.DEFAULT_SUFFIX/param-name | param-value.xhtml/param-value | /context-param | | context-param | param-namefacelets.SKIP_COMMENTS/param-name | param-valuetrue/param-value | /context-param | | context-param | param-namecom.icesoft.faces.actionURLSuffix/param-name | param-value.jsf/param-value | /context-param | | !-- concurrent DOM views -- | context-param | param-namecom.icesoft.faces.concurrentDOMViews/param-name | param-valuetrue/param-value | /context-param | !-- Asynchronous Updates -- | context-param | param-namecom.icesoft.faces.synchronousUpdate/param-name | param-valuetrue/param-value | /context-param | | filter | filter-nameSeam Filter/filter-name | filter-classorg.jboss.seam.web.SeamFilter/filter-class | /filter | | | |listener-classorg.jboss.seam.servlet.SeamListener/listener-class | /listener | | listener | listener-classorg.apache.myfaces.webapp.StartupServletContextListener/listener-class | /listener | | filter-mapping | filter-nameSeam Filter/filter-name | url-pattern/*/url-pattern | /filter-mapping | | | | | | servlet | servlet-nameBlocking Servlet/servlet-name | servlet-classcom.icesoft.faces.webapp.xmlhttp.BlockingServlet/servlet-class | load-on-startup1/load-on-startup | /servlet | | servlet | servlet-namePersistent Faces Servlet/servlet-name | servlet-classcom.icesoft.faces.webapp.xmlhttp.PersistentFacesServlet/servlet-class | load-on-startup1/load-on-startup | /servlet | | servlet-mapping | servlet-namePersistent Faces Servlet/servlet-name | url-pattern/xmlhttp/*/url-pattern | /servlet-mapping | | servlet-mapping | servlet-namePersistent Faces Servlet/servlet-name | url-pattern/xmlhttp/*/url-pattern | /servlet-mapping | | servlet-mapping | servlet-namePersistent Faces Servlet/servlet-name | url-pattern*.iface/url-pattern | /servlet-mapping | | !-- Blocking Servlet Mapping -- | servlet-mapping | servlet-nameBlocking Servlet/servlet-name | url-pattern/block/*/url-pattern | /servlet-mapping | | !-- Faces Servlet Mapping -- | servlet-mapping | servlet-namePersistent Faces Servlet/servlet-name | url-pattern*.jsf/url-pattern | /servlet-mapping | | welcome-file-list | welcome-fileindex.html/welcome-file | /welcome-file-list | | | /web-app | | One note: Above configuration, specially for Seam Filter is for Seam 1.1.6 CVS nightly build, if you want to use it, you should get a CVS copy of Seam and build it. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4019149#4019149 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4019149 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security
I've had no problems implementing the latest authentication/authorisation security features thanks to the contributors to this thread :) I now need to roll my own implementation of org.jboss.seam.security.Identity to include a third log-in form attribute called 'organisation'. This identifies the user as a member of a particular organisation, fulfilling one or more roles. I need to use this approach as the user could also be a member of one or more organisations with a totally different set of roles/permissions for each. I have extended the Identity class to implement the additional attribute, however I am stuck when it comes to annotating MyIdentity class in such a way that Seam 'knows' this is the identity type to use. I have injected MyIdentity into the Authenticator implementation but get the following exception which indicates Seam is still looking at its' own version: javax.faces.el.PropertyNotFoundException: /login.xhtml @45,84 value=#{identity.organisation}: Bean: org.jboss.seam.security.Identity, property: organisation Can anyone point me in the right direction please? Thanks Andrew View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4017539#4017539 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4017539 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security
I use this: @Name(org.jboss.seam.security.identity) | public class Identity extends org.jboss.seam.security.Identity { | | ... | |public static Identity instance() { | if ( !Contexts.isSessionContextActive() ) { | throw new IllegalStateException(No active session context); | } | | Identity instance = (Identity) Component.getInstance(Identity.class, ScopeType.SESSION, true); | | if (instance == null) { | throw new IllegalStateException(No Identity could be created); | } | return instance; |} | } (Running from CVS from earlier this week) View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4017544#4017544 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4017544 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security
Your one should have application precedence (the default), the core one has the lower built in precedence. From the source | @Name(org.jboss.seam.security.identity) | @Scope(SESSION) | @Install(precedence = BUILT_IN, classDependencies=org.drools.WorkingMemory) | So if you define a component with the same name and leave the precedence as default it should prefer your component over the default one. If you're getting a clash like that you are probably either specifying @Install( BUILT_IN ) by accident or have the component duplicated somewhere. Cheers. Mike. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4017561#4017561 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4017561 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security
You have security:identity / in your components.xml right? As Seam's Identity is not marked @Install(value=false) by putting that line in components.xml you end up creating an Identity component (which has APPLICATION precedence (as per the defaults)). So, what you in fact need to do, in components.xml, is to configure *your* Identity component rather than Seam's. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4017581#4017581 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4017581 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security
Pete, I had overlooked the extra attributes on the security:identity / tag that provide for a bespoke Identity so thank you for making me revisit this - I will amend my configuration. Mike, thanks for your pointers. I actually got my Identity working by changing the precedence as per your suggestion. Thank you both for your guidance (and patience). View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4017589#4017589 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4017589 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security
So to get it working, did you have the same @Name as the built-in component, @Scope of APPLICATION, and no @Install annotation? Could you show what the line in your components.xml that you changed to get it working was? I'm about to start doing this, so your help would be greatly appreciated. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4017701#4017701 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4017701 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security
I've tried to apply the settings via the 'class' and 'precedence' attributes of the security:identity .../ element but to no avail. My implementation of Identity does work however with the following annotation - @Install(precedence = DEPLOYMENT). According to the javadocs this is the precedence to use for components which override application components in a particular deployment. As this works for me I am not going to fiddle with my security:identity .../ element any further, so if you get it working that way let us know. For completeness I have included my code below. I hope this helps. | @Name(org.jboss.seam.security.identity) | @Scope(SESSION) | @Install(precedence = DEPLOYMENT) | public class Identity extends org.jboss.seam.security.Identity { | | private static final long serialVersionUID = 310149672922155L; | | private String organisation; | | public static Identity instance() { | if ( !Contexts.isSessionContextActive() ) { | throw new IllegalStateException(No active session context); | } | | Identity instance = | (Identity)Component.getInstance(Identity.class, ScopeType.SESSION, true); | | if (instance == null) { | throw new IllegalStateException(No Identity could be created); | } | return instance; | } | | public String getOrganisation() { | return organisation; | } | | public void setOrganisation(String organisation) { | setDirty(this.organisation, organisation); | this.organisation = organisation; | } | | } | View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4017802#4017802 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4017802 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security
P.S. Components.xml remains unchanged i.e. | security:identity authenticate-method=#{authenticator.authenticate}/ | View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4017807#4017807 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4017807 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security
If you're using your own Identity implementation you can't configure it with security:identity ... in components.xml, you need to add a component class=com.mycustom.identity ... element instead. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4017944#4017944 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4017944 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security and jBPM
Is it for the same reason as this? http://jboss.com/index.html?module=bbop=viewtopicp=3991371 - jBPM does not yet support parameters in method bindings, unfortunately. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4015934#4015934 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4015934 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security and jBPM
Ah, yes, this is a big missing feature. Forgot about that. http://jira.jboss.org/jira/browse/JBSEAM-842 View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4015947#4015947 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4015947 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security and jBPM
damianharvey wrote : Is it for the same reason as this? | http://jboss.com/index.html?module=bbop=viewtopicp=3991371 | - jBPM does not yet support parameters in method bindings, unfortunately. Yes, the same underlying reason. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4015952#4015952 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4015952 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security adds default messages
I think fernando_jmt is right, for example in my case I link graphical icon with messages. Icon is rendered when #{! empty facesContext.maximumSeverity}, unfortunetly when I set org.jboss.seam.loginSuccessful to be an empty string my icon is also rendered. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4013540#4013540 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4013540 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security adds default messages
Add your message to messages.properties, check the sourcecode to find the name of the key, I forget. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4013184#4013184 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4013184 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security adds default messages
The messages you should add to your .properties file are org.jboss.seam.loginSuccessful = Welcome, #0 and org.jboss.seam.loginFailed = Login failed In case of login fails it is natural to add the message (which I can configure as I want), but in the case of the login is successfully not all cases it is required to add a success message. Is there a way in order to turn off the success message? View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4013187#4013187 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4013187 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security adds default messages
An empty message? View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4013188#4013188 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4013188 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam security adds default messages
I think an empty message will generate the h:messages also renders an empty message. I think it would be better detects if org.jboss.seam.loginSuccessful is in the messages.properties, if it exists then add the message, if doesn't exist, don't add the message. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4013196#4013196 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4013196 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security
does the seam security support multiple authentication modes in the same application such as Digital Certificate login and Username/Password login. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4012409#4012409 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4012409 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security
lightbulb432 wrote : When catching NotLoggedInException in exceptions.xml, I have a | | redirect view-id=/login.xhtmlNot logged in/redirect for the NotLoggedInException. | | While the redirect works correctly, the message Not logged in doesn't display in login.xhtml's h:messages globalOnly=true / | | Why won't this message appear? I spoke too soon when I said the above problem sorted itself out. The following does not work: exception class=org.jboss.seam.NotLoggedInException |redirect view-id=/login.xhtml | messageNot logged in/message |/redirect | /exception This does not appear in any case. Only for authorization exceptions (when the user doesn't have appropriate permissions) does the message appear. Keep in mind the redirect is working, however, and the login.xhtml does have an h:messages. Is this a bug in Seam? View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4012497#4012497 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4012497 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security
venkateshbr wrote : does the seam security support multiple authentication modes in the same application such as Digital Certificate login and Username/Password login. There is no special support for X509 authentication as yet, although it's on the to-do list. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4012674#4012674 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4012674 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security
lightbulb432 wrote : | I spoke too soon when I said the above problem sorted itself out. The following does not work: | | exception class=org.jboss.seam.NotLoggedInException | |redirect view-id=/login.xhtml | | messageNot logged in/message | |/redirect | | /exception | | This does not appear in any case. Only for authorization exceptions (when the user doesn't have appropriate permissions) does the message appear. Keep in mind the redirect is working, however, and the login.xhtml does have an h:messages. Is this a bug in Seam? This is definitely working in the seamspace example in cvs. Navigating to the url http://localhost:8080/seam-space/comment.seam?name=Mr_SmileyblogId=2 while not logged in will cause a redirect to the registration page, with the error message being displayed. You might like to compare the config files with your own to see if there's anything majorly different, otherwise if you post a working example to jira I'd be happy to look at it for you. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4012678#4012678 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4012678 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security
I'll give it a shot, thanks. How would you use enums as roles added to the identity? Right now I'm using an enum but it expects strings, so instead of having a simple enum with just { ROLE1, ROLE2 }, I have to have a constructor and String property in the enum. I also must refer to it as myEnumEntry.getStringProperty() instead of just myEnumEntry. Is there any support for using enums as roles, or must I convert everything to a String before doing it? I figure enums could be a nice, clean, and simple way of doing this...? (An example of where enums are appropriate, no?) View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4012698#4012698 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4012698 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security
I personally wouldn't use enums for roles - unless perhaps you're persisting user roles as enums. Of course there's no problem doing this, you just need to call Identity.addRole(myEnum.toString()) in your authenticator method. I could modify the addRole() method to accept an Object instead of a String, the only difference being that it would call toString() on whatever object you pass in. In the other areas of the security API, I can't really see any advantage doing this though, especially since the security expressions only work with string values anyway. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4012716#4012716 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4012716 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security
Yet another problem... Is it looking for a login() method, rather than a login with the three required arguments? I dunno, but it's not working with the latest CVS of Seam and I've declared the login method in the session bean interface. And I've declared my login method in the components.xml... 12:48:56,609 ERROR [SeamLoginModule] Error invoking login method | javax.faces.el.EvaluationException: Exception while invoking expression #{login.login} | at org.apache.myfaces.el.MethodBindingImpl.invoke(MethodBindingImpl.java:165) | at org.jboss.seam.actionparam.ActionParamBindingHelper.invokeTheExpression(ActionParamBindingHelper.java:59) | at org.jboss.seam.actionparam.ActionParamMethodBinding.invoke(ActionParamMethodBinding.java:74) | at org.jboss.seam.core.Expressions$2.invoke(Expressions.java:102) | at org.jboss.seam.security.jaas.SeamLoginModule.login(SeamLoginModule.java:102) | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) | at java.lang.reflect.Method.invoke(Method.java:585) | at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769) | at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) | at javax.security.auth.login.LoginContext$5.run(LoginContext.java:706) | at java.security.AccessController.doPrivileged(Native Method) | at javax.security.auth.login.LoginContext.invokeCreatorPriv(LoginContext.java:703) | at javax.security.auth.login.LoginContext.login(LoginContext.java:575) | at org.jboss.seam.security.Identity.authenticate(Identity.java:204) | at org.jboss.seam.security.Identity.authenticate(Identity.java:197) | at org.jboss.seam.security.Identity.login(Identity.java:182) | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) | at java.lang.reflect.Method.invoke(Method.java:585) | at com.sun.el.parser.AstValue.invoke(AstValue.java:151) | at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:283) | at com.sun.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:68) | at com.sun.facelets.el.LegacyMethodBinding.invoke(LegacyMethodBinding.java:69) | at org.apache.myfaces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:63) | at javax.faces.component.UICommand.broadcast(UICommand.java:106) | at javax.faces.component.UIViewRoot._broadcastForPhase(UIViewRoot.java:94) | at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:168) | at org.apache.myfaces.lifecycle.LifecycleImpl.invokeApplication(LifecycleImpl.java:343) | at org.apache.myfaces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:86) | at javax.faces.webapp.FacesServlet.service(FacesServlet.java:137) | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252) | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) | at org.jboss.seam.servlet.SeamRedirectFilter.doFilter(SeamRedirectFilter.java:29) | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) | at org.jboss.seam.servlet.SeamExceptionFilter.doFilter(SeamExceptionFilter.java:43) | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) | at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) | at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213) | at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178) | at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175) | at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:432) | at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74) | at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126) | at
[jboss-user] [JBoss Seam] - Re: Seam Security
Note that it was working fine until I upgraded to the latest CVS version to solve another problem, so I don't think the problem's within my login method or anything like that (as I didn't make changes to those after upgrading). View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4012121#4012121 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4012121 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security
The authentication way was changed in the CVS version. You should use it as follows sample: | ... | @In |private Identity identity; | |public boolean authenticate() |{ | try | { | Member member = (Member) entityManager.createQuery( | from Member where username = :username) | .setParameter(username, identity.getUsername()) | .setParameter(password, identity.getPassword()) | .getSingleResult(); | for ( MemberRole mr : member.getRoles() ) | { | identity.addRole(mr.getName()); | } | | return true; | } | catch (NoResultException ex) | { | return false; | } |} | | View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4012125#4012125 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4012125 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security
Oh, I didn't realize that, thanks. When catching NotLoggedInException in exceptions.xml, I have a redirect view-id=/login.xhtmlNot logged in/redirect for the NotLoggedInException. While the redirect works correctly, the message Not logged in doesn't display in login.xhtml's h:messages globalOnly=true / Why won't this message appear? My next question is how can the exception object be accessed from within a page? I looked up the Seam documentation under the Seam pre-installed components but nothing related to exceptions comes up...I'm thinking of some kind of #{exception.stackTrace} or something... View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4012139#4012139 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4012139 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security
I also have the same problem related to NotLoggedInException Using the non CVS version I had: | redirect view-id=/login.xhtml#{messages['User.notLoggedIn']}/redirect | And it was working well, a message was shown in the login page. But it seems there's a problem with the CVS version, because now I can't get the message in the login message. The message is not shown. Is there something new or changed in the CVS version? somebody knows it? View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4012158#4012158 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4012158 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security
In CVS you should wrap the message in a element. Check the new pages.xml DTD. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4012171#4012171 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4012171 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security
I wrapped the message in an element according to the new pages.xml DTD, but there's no change...it still doesn't appear for me. Also, how can I override the default org.jboss.seam.loginFailed and org.jboss.seam.loginSuccessful messages? I tried putting them in my properties files (e.g. org.jboss.seam.loginSuccessful=My Message) that I've added in components.xml, but the default messages still appear! I'm not having any luck with Seam and messages, I guess... View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4012233#4012233 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4012233 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security
Never mind my previous post; the first problem magically disappeared and the second was solved by adding messages to the list of resource bundles in components.xml. How do I debug roles? I've added the roles to the identity component in my login method but the debug page doesn't list roles for the identity component! It only lists the following properties, but nothing like roles: authenticateMethod class cookieEnabled cookieMaxAge jaasConfigName loggedIn password principal rememberMe securityContext securityRules subject username toString() How can I see why s:hasRole('...') isn't working correctly? I'd like to know what roles identity actually has added and whether they've been added correctly from my code... View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4012273#4012273 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4012273 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security
identity.logout() is pretty much a convenience method only, all it does is call Seam.invalidateSession(). If you need more custom behaviour you can write your own logout method. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4011207#4011207 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4011207 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: Seam Security
Ok, that's what I would've guessed. By the way, I looked through the code of Identity's logout() method and didn't see a call to Seam.invalidateSession() anywhere in the things it calls...am I looking in the wrong place? In fact, that method does a few things... Also, if writing my own logout method could I specify a logout method like I do a login method in components.xml? Or would I have to subclass Identity and override logout? View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4011396#4011396 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4011396 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user