If you're using the Acegi component from jsf-comp, it's probably the
same thing. Acegi's SecurityContextHolderAwareRequestFilter
(http://tinyurl.com/2dv5ab) makes request.getRemoteUser() and
request.isUserInRole() work. I suspect that enable* and visible* both
use the isUserInRole call. It seem
I'm pretty new to JSF and Acegi, and I just learned about enableOnUserRole
and visibleOnUserRole attributes for components. I tried them out yesterday
and like the way they work and the fact that it cleans up the code in my
opinion.
What's considered the best practice? Is it better to use authori
