using PrettyFaces with JAAS Authentication

Splash Forums PrettyFaces Users using PrettyFaces with JAAS Authentication

This topic contains 3 replies, has 3 voices, and was last updated by  nicmon 5 years, 6 months ago.

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • #18259

    nicmon
    Participant

    my setup JAAS Authentication doesn’t work anymore once I configured PrettyFaces. I know that there is a workaround to add a “dispatcher” to filter definitions. But how can I do this in a <security-constraint>?

    <security-constraint>
    <web-resource-collection>
    <web-resource-name>Only SuperUsers</web-resource-name>
    <url-pattern>/pages/protected/superuser/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
    <role-name>SUPERUSER</role-name>
    </auth-constraint>
    </security-constraint>
    <security-constraint>
    <web-resource-collection>
    <web-resource-name>Users and SuperUsers</web-resource-name>
    <url-pattern>/pages/protected/user/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
    <role-name>SUPERUSER</role-name>
    <role-name>USER</role-name>
    </auth-constraint>
    </security-constraint>

    <login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
    <form-login-page>/pages/public/login.xhtml</form-login-page>
    <form-error-page>/pages/public/loginError.xhtml</form-error-page>
    </form-login-config>
    </login-config>

    <security-role>
    <role-name>SUPERUSER</role-name>
    </security-role>
    <security-role>
    <role-name>USER</role-name>
    </security-role>

    #22345

    I’m just guessing here but I think security constraints are applied before a request enters the filter chain. So JAAS will see the pretty URL instead of the one PrettyFaces forwards to. I think you will have to adjust the rules to match the pretty URLS instead of the viewIds.

    #22346

    I think you can also specify FORWARD, REQUEST, INCLUDE, etc, GET, PUT, POST in order to use security constraints. Not sure if it works without that.

    #22347

    nicmon
    Participant

    Thank you, changing the url-pattern entries to the value of “pattern” in pretty-config.xml has solved the problem.

Viewing 4 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.

Comments are closed.