Win a copy of Cross-Platform Desktop Applications: Using Node, Electron, and NW.js this week in the JavaScript forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

JSF, roles and security-constraint  RSS feed

Kev D'Arcy
Ranch Hand
Posts: 75
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

I just have a query about how to use JSF with roles and URLs restricted
by a security-constraint defined in the web.xml file. In non-JSF land this
is easy to use since the action of the form can be set to a particular URL
and the standard role based URL access will kick in to either allow or
prevent access to it depending on the role of the user.

Since JSF takes this control away from you, I'm now wondering if declarative
role based control is possible in JSF, or is it something that now has to be
done programatically in the code i.e. HttpServletRequest.isUserInRole(). My
hope was to use the declaritive method since it's easier to impliment.

Any thoughts?


It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!