You can add securrity constraints using security editor tool of RAD, in web.xml. Later you can define the groups in the deployment descriptor of EAR and map the defined Roles. Later an IBM file with xmi extension will be created automatically, based on your definition in descriptor file. Now you EAR will be ready to deploy with security. -----Original Message----- From: GroovieMan [mailto:[EMAIL PROTECTED] Sent: Sunday, November 30, 2008 11:55 PM To: [email protected] Subject: [myfaces] How do i prevent, that an unautherized user side enters the jsf-statemachine
Morning sirs, i created a nice application with some jsp-pages, a sort of state machine in my faces-config.xml and a dedicated login jsp-page. I would like to make sure, that nobody may side enter a jsp-page, without vistiting the login.jsp with a successful login and getting a valid session. Putting this into a controller would be too late, and the jsp-file looks not be the proper file. So what and where do i have to set/change something? Is there a good example out there ? Thank you for your help! Groovie -- View this message in context: http://www.nabble.com/-myfaces--How-do-i-prevent%2C-that-an-unautherized -user-side-enters-the-jsf-statemachine-tp20766520p20766520.html Sent from the MyFaces - Users mailing list archive at Nabble.com.
