Thanks guys My apologies for not testing enough before asking ;)
On 15 February 2014 15:22, Gerhard Petracek <[email protected]>wrote: > once jsf handles the request, it should work. > (for sure you need your custom AccessDecisionVoter + the corresponding > view-config. please have a look at [1].) > > regards, > gerhard > > [1] http://deltaspike.apache.org/jsf.html#security-integration-via-secured > > http://www.irian.at > > Your JSF/JavaEE powerhouse - > JavaEE Consulting, Development and > Courses in English and German > > Professional Support for Apache MyFaces > > > > 2014-02-15 15:15 GMT+01:00 Thomas Andraschko <[email protected] > >: > > > AFAIR it worked fine in CODI. > > > > @Gerhard: Any reason why it don't work in DS? > > > > > > 2014-02-15 15:11 GMT+01:00 Karl Kildén <[email protected]>: > > > > > Hello, > > > > > > If a user simply types in /secured/admin.xhtml in the browser the > > @Secured > > > annotation will not help, right? As far as I understand it's it only > > > triggers the AccessDecisionVoter when you actually navigate with JSF... > > > So I would still need to define a @WebFilter to secure my application. > > > > > > Now, the effect would that a secured request will be secured twice, > once > > by > > > the filter and once by my AccessDecisionVoter and I didn't really > > > accomplish much by using the AccessDecisionVoter? I feel like I am > > missing > > > something. > > > > > > cheers > > > > > >
