[jboss-user] [JBoss Seam] - Re: page flow question
Since you don't say, I would assume given your requirement you want all pages to require login except the login page (makes sense). This can be accomplished through the following: | pages login-view-id=/auth/login.xhtml | page view-id=* login-required=true/ | | page view-id=/auth/login.xhtml login-required=false / | ... | View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4084450#4084450 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4084450 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [JBoss Seam] - Re: page flow question
you can also use basic Servlet-container security to achieve a similar result: | security-constraint | web-resource-collection | web-resource-namerestricted-urls/web-resource-name | url-pattern/myapp/auth/*/url-pattern | /web-resource-collection | auth-constraint | role-name*/role-name | /auth-constraint | !--user-data-constraint | transport-guaranteeCONFIDENTIAL/transport-guarantee | /user-data-constraint-- | /security-constraint | where 'auth' is a directory in your web application that contains pages requiring authentication. Of course you would not put your login page in the auth directory. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=4084453#4084453 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=4084453 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user