Re: PrettyFaces inbound rule not working

Splash Forums PrettyFaces Users PrettyFaces inbound rule not working Re: PrettyFaces inbound rule not working


To be honest, I for myself always implement such security on object level manually. Actually it’s very simply in most cases.

<url-mapping id="organizationHome">
<pattern value="/organization/#{orgPageBean.organizationId}" />
<view-id value="/homes/organizationHome.xhtml" />

public class OrgPageBean {

/* ... */

private Long organizationId;

public String loadData() {

Organisation organization = organizationDao.getById(organizationId);
if(organization == null || !permissionChecker.canRead(user, organization)) {
return null;



BTW: As far as I know Lincoln wrote an enhancement for Seam Security that supports permissions on object level. But I don’t know about details.