once jsf handles the request, it should work. (for sure you need your custom AccessDecisionVoter + the corresponding view-config. please have a look at [1].)
regards, gerhard [1] http://deltaspike.apache.org/jsf.html#security-integration-via-secured http://www.irian.at Your JSF/JavaEE powerhouse - JavaEE Consulting, Development and Courses in English and German Professional Support for Apache MyFaces 2014-02-15 15:15 GMT+01:00 Thomas Andraschko <[email protected]>: > AFAIR it worked fine in CODI. > > @Gerhard: Any reason why it don't work in DS? > > > 2014-02-15 15:11 GMT+01:00 Karl Kildén <[email protected]>: > > > Hello, > > > > If a user simply types in /secured/admin.xhtml in the browser the > @Secured > > annotation will not help, right? As far as I understand it's it only > > triggers the AccessDecisionVoter when you actually navigate with JSF... > > So I would still need to define a @WebFilter to secure my application. > > > > Now, the effect would that a secured request will be secured twice, once > by > > the filter and once by my AccessDecisionVoter and I didn't really > > accomplish much by using the AccessDecisionVoter? I feel like I am > missing > > something. > > > > cheers > > >
