History | Log In     View a printable version of the current page. Get help!  
   HOME       BROWSE PROJECT       FIND ISSUES   
    QUICK SEARCH:  
Issue Details [XML]

Key: JSF-38
Type: New Feature New Feature
Status: Open Open
Priority: Major Major
Assignee: Chad Brandon
Reporter: Javier Adorno
Votes: (View)
Watchers: (View)
Operations

If you were logged in you would be able to see more operations.
JSF cartridge

Inclusion of acegijsf specific tags and config files with SecurityFilter for Acegi Security System Integration

Created: 04/Dec/07 10:12 PM   Updated: 10/Dec/07 03:44 PM
Component/s: None
Affects Version/s: None
Fix Version/s: None

File Attachments: 1. Text File acegiJsfSecurity.txt (15 kb)
2. Text File acegiJsfSecurityV2.txt (16 kb)
Environment: JSF2 cartridge


 Description   
this patch adds Acegi Security System support for JSF2
When enabled:
- Creates specific applicationContext for securityFilterInterceptor bean with role based access
- Adds xmlns acegijsf namespace to views for role based rendering of menu and action components (needs acegi-jsf component library from http://sf.net/projects/jsf-comp, since it doesn't includes a facelets taglib this has to be included manually)


 All   Comments   Change History      Sort Order:
[ Permlink ]
Comment by Javier Adorno [04/Dec/07 10:13 PM]
patch

[ Permlink ]
Comment by Javier Adorno [04/Dec/07 10:16 PM]
acegijsf.taglib.xml reference from http://www.koders.com/xml/fid3FC5C48AA07739519005C0C5640CE79E11C34834.aspx
This can also be included as a custom taglib as tomahawk

<?xml version="1.0"?>
<!DOCTYPE facelet-taglib PUBLIC "-//Sun Microsystems, Inc.//DTD Facelet Taglib 1.0//EN"
    "http://java.sun.com/dtd/facelet-taglib_1_0.dtd">
<facelet-taglib>
    <namespace>http://sourceforge.net/projects/jsf-comp/acegijsf&lt;/namespace>
    <tag>
        <tag-name>authorize</tag-name>
        <component>
            <component-type>net.sf.jsfcomp.acegijsf.Authorize</component-type>
        </component>
    </tag>
    <tag>
        <tag-name>authentication</tag-name>
        <component>
            <component-type>net.sf.jsfcomp.acegijsf.Authentication</component-type>
        </component>
    </tag>
</facelet-taglib>

[ Permlink ]
Comment by Javier Adorno [05/Dec/07 08:50 PM]
Updated Patch:
Includes support
- for Manageable security once it's implemented by the cartridge.
- Inter UseCase security via action.targetUseCase

Other comments of previous and current patch features:
This patch enables support for Acegi Security System by intercepting all URLs calls to secured UseCase & Manageable Servlets and Views with a FilterSecurityInterceptor. Also includes conditional (based on Roles) rendering of JSF components with acegijsf tags. This means that actually all JSF components are in the xhtml but only get rendered if the user has the roles to view the component.

[ Permlink ]
Comment by Javier Adorno [10/Dec/07 03:44 PM]
I found some limitations of the acegijsf tag library and mentioned them to Kenan Sevindik, one of the authors. He pointed me out that since facelets supports EL functions it should be easy to create functions for acegi support and avoid such limitations. Indeed it was, I developed some custom functions to get the username and other to apply conditional rendering of JSF components integrated into the bundled "rendered" attribute of JSF components (supported by standard, tomahawk & trinidad).
I'll be re-engineering the patch for such support.
I think it will be ideal if such functions could be included inside the androma-jsf-components library


This site is running on Atlassian JIRA with a free Open Source Project / Non-profit License (license details).
JIRA is an issue tracking and bug tracking application. Evaluate JIRA for your organisation.
Powered by Atlassian JIRA™ the Professional Issue Tracker. (Professional Edition, Version: 3.4.2-#108) - Bug/feature request - Contact Administrators