Hi All!
I had some trouble with Tomahawk's visibleOnUserRole.
Also, I've tried the securityContext from Tomahawk Sandbox, but it
didn't work either.
I've written simple tests, in every case I use following array of roles:
String[] roles = new String[] { "viewer", "executor", "creator", "admin" };
inside TestFilter.doFilter I have:
for (String role : roles) {
logger.debug("Is user in '" + role + "' role? ==> "
+ ((HttpServletRequest) request).isUserInRole(role));
}
inside TestPhaseListener.afterPhase/beforePhase:
for (String role : roles) {
logger.debug("**after/before** phase Is user in '" + role + "' role?
==> "
+ phaseEvent.getFacesContext().getExternalContext().isUserInRole(role));
}
and finally inside TestBackingBean I have two loops:
for (String role : roles) {
logger.debug("Is user in '" + role + "' role? ==> "
+
FacesContext.getCurrentInstance().getExternalContext().isUserInRole(role));
}
for (String role : roles) {
logger.debug("Is user in '" + role + "' role? ==> "
+ ( (HttpServletRequest)
FacesContext.getCurrentInstance().getExternalContext().getRequest()).isUserInRole(role));
}
after successful signing in, I browse a random page, and here's what I
see in my log:
first control flow goes to the filter:
01:27:28,000 DEBUG [TestFilter] Is user in 'viewer' role? ==> true
01:27:28,000 DEBUG [TestFilter] Is user in 'executor' role? ==> true
01:27:28,000 DEBUG [TestFilter] Is user in 'creator' role? ==> true
01:27:28,000 DEBUG [TestFilter] Is user in 'admin' role? ==> true
as expected ;)
now, MyFaces beforePhase:
01:27:28,015 DEBUG [TestPhaseListener] before phase Is user in
'viewer' role? ==> true
01:27:28,015 DEBUG [TestPhaseListener] before phase Is user in
'executor' role? ==> true
01:27:28,015 DEBUG [TestPhaseListener] before phase Is user in
'creator' role? ==> true
01:27:28,015 DEBUG [TestPhaseListener] before phase Is user in 'admin'
role? ==> true
perfect!
and afterPhase:
01:27:28,015 DEBUG [TestPhaseListener] after phase Is user in 'viewer'
role? ==> true
01:27:28,015 DEBUG [TestPhaseListener] after phase Is user in
'executor' role? ==> true
01:27:28,015 DEBUG [TestPhaseListener] after phase Is user in
'creator' role? ==> true
01:27:28,015 DEBUG [TestPhaseListener] after phase Is user in 'admin'
role? ==> true
couldn't be better!
BUT ;(
inside the backing bean:
01:27:28,171 DEBUG [TestBackingBean] Is user in 'viewer' role? ==> false
01:27:28,171 DEBUG [TestBackingBean] Is user in 'executor' role? ==> false
01:27:28,171 DEBUG [TestBackingBean] Is user in 'creator' role? ==> false
01:27:28,171 DEBUG [TestBackingBean] Is user in 'admin' role? ==> false
01:27:28,187 DEBUG [TestBackingBean] Is user in 'viewer' role? ==> false
01:27:28,187 DEBUG [TestBackingBean] Is user in 'executor' role? ==> false
01:27:28,187 DEBUG [TestBackingBean] Is user in 'creator' role? ==> false
01:27:28,187 DEBUG [TestBackingBean] Is user in 'admin' role? ==> false
disaster!
security in MyFaces 1.2.2 does not work at all (except for phase
listeners, which is useless for me anyway).
any idea how to fix it?
best regards
Łukasz
