I'm working on the same project with Bryan so here's some more
information.
We've made changes in the security.xml, roles, and users so that we
can have
the option for groups from which users can get permissions. Almost
everything works perfectly except one thing whereby a user *WITHOUT*
admin
role permissions must now click save 2 times on the userForm.html to
get the
save action to work. When a user clicks My Profile, the user is taken
to the
correct screen and the data is present. The UserForm.edit() method is
called
correctly. The user makes whatever changes and clicks save. The form
simply
refreshes instead of calling UserForm.save(). The user then clicks save
again and this 2nd time the UserForm.save() method is called
correctly and
everything is saved correctly.
Some notes - we do not allow Anonymous users - so all the references to
ROLE_ANONYMOUS have been removed, and we have added a default role that
provides basic profile editing permissions.
Here are code snippets from security.xml:
<bean id="filterInvocationInterceptor"
class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
<property name="authenticationManager"
ref="authenticationManager"/>
<property name="accessDecisionManager"
ref="accessDecisionManager"/>
<property name="objectDefinitionSource">
<value>
PATTERN_TYPE_APACHE_ANT
/clickstreams.jsp*=admin
/editProfile.html*=default
/flushCache.*=admin
/passwordHint.html*=admin,user,default
/reload.*=admin
/mainMenu.html*=admin,user,default
/users.html*=view_users
/userForm.html*=default
/updateList.html*=run_update_manager
/**/*.html*=admin,user,default
</value>
</property>
</bean>
<bean id="channelProcessingFilter"
class="org.acegisecurity.securechannel.ChannelProcessingFilter">
<property name="channelDecisionManager"
ref="channelDecisionManager"/>
<property name="filterInvocationDefinitionSource">
<value>
PATTERN_TYPE_APACHE_ANT
/admin/**=REQUIRES_SECURE_CHANNEL
/login*=REQUIRES_SECURE_CHANNEL
/j_security_check*=REQUIRES_SECURE_CHANNEL
/editProfile.html*=REQUIRES_SECURE_CHANNEL
/**=REQUIRES_INSECURE_CHANNEL
</value>
</property>
</bean>
Bryan Noll wrote:
>
> So... let me preface this with saying that the userForm.xhtml (and
> associated JSF class) have been tweaked here and there since the
project
> I'm working on was started (from an AppFuse 1.9.x version). I know
the
> issue I'm about to describe is something on my side, and I'm
assuming it
> has to do with either the acegi configuration or JSF configuration,
> because this issue does NOT occur in the base appfuse code.
>
> My general issue is this:
>
> A user (who gets the default user role) logs in, and goes to edit
> his/her profile. Once the profile has been modified on the page, you
> click 'Save' and the page basically refreshes, instead of actually
> saving (aka... the UserForm.save method doesn't get called). You have
> to click 'Save' again for the save to actually occur.
>
> Any hints on where to focus to figure out what's going on here. I'm a
> complete JSF newbie, so this may be something obvious to someone with
> more experience.
>
> Thanks,
>
> Bryan
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
--
View this message in context:
http://www.nabble.com/Odd-behavior-from-userForm.xhtml...-tf3362993s2369.html#a9356543
Sent from the AppFuse - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
