John Schneider created DELTASPIKE-450: -----------------------------------------
Summary: Secured ViewConfig's are not working as documented Key: DELTASPIKE-450 URL: https://issues.apache.org/jira/browse/DELTASPIKE-450 Project: DeltaSpike Issue Type: Bug Components: Core, Security-Module Affects Versions: 0.5 Environment: Glassfish 4 / Weld 2.0.4 Reporter: John Schneider I believe this is the documented method for securing pages, but the following view configuration does not invoke an AccessDecisionVoter. @View(navigation = NavigationMode.REDIRECT) public interface Pages extends ViewConfig { class LogIn implements Pages {} @Secured(value = ApplicationAccessDecisionVoter.class, errorView = LogIn.class) class Manage implements Pages {} } I also tried with a @Sterotype @Secured annotation which I've confirmed to be working perfectly when placed on a CDI business method. @Retention(RetentionPolicy.RUNTIME) @Target({ElementType.TYPE, ElementType.METHOD, ElementType.FIELD}) @Documented @Stereotype @Secured(value = ApplicationAccessDecisionVoter.class, errorView = LogIn.class) public @interface LoggedIn { } @View(navigation = NavigationMode.REDIRECT) public interface Pages extends ViewConfig { class LogIn implements Pages {} @LoggedIn class Manage implements Pages {} } -- This message was sent by Atlassian JIRA (v6.1#6144)