alexey plotnikov created JBSEAM-5139:
----------------------------------------
Summary: Attribute login-required="true" is ignored in *.page.xml
file with ajax requests
Key: JBSEAM-5139
URL: https://issues.jboss.org/browse/JBSEAM-5139
Project: Seam 2
Issue Type: Feature Request
Affects Versions: 2.3.1.Final
Reporter: alexey plotnikov
I use:
Jboss Seam 2.3.1.Final, Richfaces 4.3.5.Final.
# something.xhtml page:
{code}
<!DOCTYPE composition PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
<ui:composition xmlns="http://www.w3.org/1999/xhtml";
xmlns:s="http://jboss.org/schema/seam/taglib";
xmlns:ui="http://java.sun.com/jsf/facelets";
xmlns:f="http://java.sun.com/jsf/core";
xmlns:h="http://java.sun.com/jsf/html";
xmlns:rich="http://richfaces.org/rich";
xmlns:a4j="http://richfaces.org/a4j";
template="/layout/wide_template.xhtml">
<ui:define name="content">
<h:form>
<a4j:commandLink execute="@form" status="common_status"
render="mainList,pages" value="#{messages['pages.refresh']}"/>
.............................
{code}
# something.page.xml file:
{code}
<?xml version="1.0" encoding="UTF-8"?>
<page xmlns="http://jboss.org/schema/seam/pages";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xsi:schemaLocation="http://jboss.org/schema/seam/pages
http://jboss.org/schema/seam/pages-2.3.xsd";
login-required="true" action="#{somethingList.find}">
<restrict>#{permissions.hasPermission('somethingList','list')}</restrict>
<param name="order" value="#{somethingList.order}" required="false"/>
</page>
{code}
# seam component SomethingList.java:
{code}
@Name("somethingList")
@Scope(ScopeType.EVENT)
@BypassInterceptors
public class SomethingList {
.......
@Create
public void onCreate() {
System.out.println("loggedIn="+ Identity.instance().isLoggedIn());
Contexts.getSessionContext().get("obj").toString();
//SOMETHING LOGIC
.........................
}
....
}
{code}
Two situations:
# No ajax, usually GET request for page _something.seam_(in browser
http://<server>/something.seam).
## if i logged in - everythings ok, _#\{somethingList.onCreate()\}_ will be
called and component will be constructed(in server.log will be printed
"_loggedIn=true_")
## if my session expires and i try to get http://<server>/something.seam i will
be redirected to my login page(http://<server>/login.seam) and method
_#\{somethingList.onCreate()\}_ not will be executed - everythings ok
# With ajax(clicked a4j:commandLink on the page _something.seam_) method
_#\{somethingList.onCreate()\}_ always will be called
## if i logged in, _#\{somethingList.onCreate()\}_ will be called and component
will be constructed(in server.log will be printed "_loggedIn=true_")
## if my session expires(or called _#\{identity.logout\}_ on another browser
tab) and i click on a4j:commandLink method _#\{somethingList.onCreate()\}_ will
be called and component *NOT* will be constructed(in server.log will be printed
"_loggedIn=false_" and NullPointerException) and i will be redirected to my
login page(http://<server>/login.seam).
Why method _#\{somethingList.onCreate()\}_ calling on ajax reguests if user not
logged in(in something.page.xml login-required="true")? I think doesn't matter
ajax request or get request, in both way seam must redirects user on login page
and *DO NOT* call component methods!
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
_______________________________________________
seam-issues mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/seam-issues
