Built with Seam
You can find the full source code for this website in the Seam package in the directory /examples/wiki. It is licensed under the LGPL.
| Online: | 17 Members of 4546 |
| Forum: Seam Users |
 |
22. Jul 2008, 06:34 CET | Link |
I'm using Seam 2.0.1.GA on Jboss 4.2.0.GA. We have an existing ap using role-based security but want to add permissions. As a test, I extended Identity.hasPermissions and referenced it from a seam page using
<h:outputText value="Edit" rendered="#{identity.loggedIn and (s:hasPermission('Edit Account', 'edit', null))}"/>
I added a log statement to the hasPermission method and was surprised to see it called 5 times every time I hit the page! I thought it might be drools (4.0.7) so I took drools out of the equation. Components.xml now has ...
<security:identity authenticate-method="#{authenticator.authenticate}"/>
where previously it referenced security.drl. hasPermission still gets called 5 times! Anyone know what's going on here?
Here's my hasPermission override method ...
@Name("org.jboss.seam.security.identity")
@Scope(ScopeType.SESSION) @Startup
@Install(precedence = Install.APPLICATION)
public class HedgeIdentity extends Identity
{
@Logger Log log;
private Map<String, String> permissions;
private String roleType = "Member";
private Integer id = null;
public boolean hasPermission(String name, String action, Object...arg)
{
log.info("has: Name=#0, Action=#1", name, action);
// String value = permissions == null ? null : permissions.get(name);
// return value == null ? false : value.equals(action);
return true;
}
...
Tags: Security
Just out of curiousity, I overrode hasRole() and got the same behavior. I have no idea why it is being called more than once.