[jboss-user] [JBoss Seam] - Re: Q: Seam Security - ..

Tue, 03 Apr 2007 05:22:26 -0700 

"[EMAIL PROTECTED]" wrote : As far as I know this should work - there's nothing 
special about the EL expressions used for restrictions, i.e. they are not 
required to contain only Seam Security-related expressions.  As long as the 
expression evaluates to a boolean it should be fine.

I have, in pages.xml, the following  usage:


  |   <page view-id="/edit_mail_configuration.xhtml">
  |     <restrict>#{isUserInRole['Admin']}</restrict>    
  |   </page>
  | 

When I invoke this page from the browser, I get the following exception:


  | 08:11:12,294 ERROR org.jboss.seam.jsf.SeamPhaseListener - uncaught exception
  | org.jboss.seam.security.NotLoggedInException
  |     at org.jboss.seam.security.Identity.checkRestriction(Identity.java:156)
  |     at org.jboss.seam.pages.Page.enter(Page.java:206)
  |     at org.jboss.seam.core.Pages.enterPage(Pages.java:276)
  |     at 
org.jboss.seam.jsf.AbstractSeamPhaseListener.enterPage(AbstractSeamPhaseListener.java:276)
  |     at 
org.jboss.seam.jsf.AbstractSeamPhaseListener.beforeRender(AbstractSeamPhaseListener.java:214)
  |     at 
org.jboss.seam.jsf.SeamPhaseListener.beforePhase(SeamPhaseListener.java:56)
  |     at 
org.apache.myfaces.lifecycle.PhaseListenerManager.informPhaseListenersBefore(PhaseListenerManager.java:70)
  |     at 
org.apache.myfaces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:373)
  |     at javax.faces.webapp.FacesServlet.service(FacesServlet.java:138)
  |     at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
  |     at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
  |     at 
org.apache.myfaces.webapp.filter.ExtensionsFilter.doFilter(ExtensionsFilter.java:97)
  |     at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
  |     at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
  |     at 
org.apache.myfaces.webapp.filter.ExtensionsFilter.doFilter(ExtensionsFilter.java:144)
  |     at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
  |     at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
  |     at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:57)
  |     at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
  |     at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
  |     at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:45)
  |     at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
  |     at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
  |     at 
org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
  |     at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
  |     at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
  |     at 
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
  |     at 
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
  |     at 
org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175)
  |     at 
com.evergreen.fastpass.catalina.CASSSOAuthenticatorValve.invoke(CASSSOAuthenticatorValve.java:373)
  |     at 
org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74)
  |     at 
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
  |     at 
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
  |     at 
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
  |     at 
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
  |     at 
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
  |     at 
org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
  |     at 
org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
  |     at 
org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
  |     at java.lang.Thread.run(Thread.java:595)

I have not configured the Identity component - I am not using it.  It looks 
like the restrict tag does require the Identity component be configured for 
restrict checks....



View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4034035#4034035

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4034035
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user

Reply via email to