Sorry, but i dont understand, i only set my @Secured in my managed bean.
Do you mean with: "your secured bean should always get accessed before the
rendering starts" that i have to call the checkPermission method in a
PreRenderView method in my managedbean?
like this:
@Named
@ViewAccessScoped
@SecurityModule(codigoModulo = ModuloPantallaEnum.CURSOS)
public class CursosMBean implements Serializable{
}
2012/6/25 Gerhard Petracek <gerhard.petra...@gmail.com>
> hi jose,
>
> your secured bean should always get accessed before the rendering starts
> (e.g. via a PreRenderView callback).
> otherwise you get the exception during the rendering process.
>
> regards,
> gerhard
>
> http://www.irian.at
>
> Your JSF/JavaEE powerhouse -
> JavaEE Consulting, Development and
> Courses in English and German
>
> Professional Support for Apache MyFaces
>
>
>
> 2012/6/25 José Luis Cetina <maxtorz...@gmail.com>
>
> > My denied page never shown, i always get Cannot set content type.
> Response
> > already committed.
> >
> >
> > I have this:
> >
> > @Page
> > public class Denegado extends DefaultErrorView{
> >
> > }
> >
> > @Stereotype
> > @Target(value = {ElementType.TYPE})
> > @Retention(value = RetentionPolicy.RUNTIME)
> >
> >
> @Secured(value=PermissionAccessDecisionVoter.class,errorView=Denegado.class)
> > public @interface SecurityModule {
> > ModuloPantallaEnum codigoModulo();
> > }
> >
> > my bean:
> > @Named
> > @ViewAccessScoped
> > @SecurityModule(codigoModulo = ModuloPantallaEnum.CURSOS)
> > public class CursosMBean implements Serializable{
> > }
> >
> > THEN I ADD SecurityViolation
> > @Override
> > protected void checkPermission(InvocationContext ic,
> > Set<SecurityViolation> violations) {
> > violations.add(newSecurityViolation("DENIED."));
> > }
> >
> > But i always see in my page this:
> >
> > An Error Occurred:
> >
> > org.apache.myfaces.extensions.cdi.core.api.security.AccessDeniedException
> >
> > viewId=/web/portal_academico/control_escolar/cursos.xhtml
> >
> >
> location=/home/maxtorzito/repositorio/grupo_kx/project-rhino/trunk/project-rhino/target/project-rhino-0.9-SNAPSHOT/web/portal_academico/control_escolar/cursos.xhtml
> > phaseId=RENDER_RESPONSE(6)
> >
> > Caused by:
> > org.apache.myfaces.extensions.cdi.core.api.security.AccessDeniedException
> > at
> >
> >
> org.apache.myfaces.extensions.cdi.core.impl.util.SecurityUtils.invokeVoters(SecurityUtils.java:95)
> >
> >
> >
> > And in the log:
> >
> > org.apache.myfaces.context.servlet.ServletExternalContextImpl
> > setResponseContentType
> > SEVERE: Cannot set content type. Response already committed
> >
> > What is wrong?
> >
> > --
> > -------------------------------------------------------------------
> > *SCJA. José Luis Cetina*
> > -------------------------------------------------------------------
> >
>
--
-------------------------------------------------------------------
*SCJA. José Luis Cetina*
-------------------------------------------------------------------
