PrettyFaces inbound rule not working

Splash Forums PrettyFaces Users PrettyFaces inbound rule not working


This topic contains 5 replies, has 3 voices, and was last updated by  Lincoln Baxter III 9 years, 7 months ago.

Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
  • #18447


    I’m using prettyFaces 3.2, Seam 3.1, Tomee 1.0.0

    I have this rule:

    <url-mapping id="organizationHome">
    <pattern value="/organization/#{organizationId}" />
    <view-id value="/homes/organizationHome.xhtml" />

    When a user visits the site using


    it works. But sometimes the user is not logged in, I store the current page’s URL in session map. When a user logs in, I redirect to url from session map post login. However, when I store the url in session map it’s the ugly url like this:


    PrettyFaces does not rewrite the ugly url above when it’s inbound URL. Do I need to change my rule for that to happen? Or can I use some API from PrettyFaces that takes ugly URL and returns a pretty URL? So I prettify the URL and store it in the session map.

    As far as I understand, PrettyFaces takes the pattern from rule, and redirects to view-ID. But not vice versa, is this correct?

    -PS I cannot use prettyConfig integration with Seam, because I need some custom workflows that are not supported.



    If a URL matches the pattern part of a rule the request is internally forwarded to the viewId URL. This forwarded request doesn’t know anything about the pretty URL anymore and for application code it looks like the user accessed the ugly URL.

    So if your are storing the requested URL in the session for unauthenticated users, you are actually storing the ugly URL, which is surely not your intention. But there is still a way to obtain the original pretty URL using this code:


    So if you use this code to obtain the original pretty URL and store this one in the session map, everything should work fine. :)

    Regarding your Seam question. Could you perhaps open a separate topic for this and describe in details what is not working as expected?




    Thanks, it works.

    Regarding seam topic, I already asked on Seam forum. I needed dynamic security per object, where some users can access an URL and others cannot based on the requested object. It would have required many workarounds, it was simpler and more efficient to do it manually. All of security in Seam is based on ViewsConfig which is not flexible enough for my app’s needs.


    To be honest, I for myself always implement such security on object level manually. Actually it’s very simply in most cases.

    <url-mapping id="organizationHome">
    <pattern value="/organization/#{orgPageBean.organizationId}" />
    <view-id value="/homes/organizationHome.xhtml" />

    public class OrgPageBean {

    /* ... */

    private Long organizationId;

    public String loadData() {

    Organisation organization = organizationDao.getById(organizationId);
    if(organization == null || !permissionChecker.canRead(user, organization)) {
    return null;



    BTW: As far as I know Lincoln wrote an enhancement for Seam Security that supports permissions on object level. But I don’t know about details.



    Yes, the pattern you listed above is similar to the one I used except that I call a load method from meta-data section of XHTML.

    I have been working with Seam Security 3.1 and I have not seen anything for object level permissions. Hopefully with Deltaspike getting released this year security will be polished and most use cases covered. Thanks for your help!


    Seam Security 3.2.0-SNAPSHOT provides object level security :) I use it in SocialPM:

    It’s actually a feature that I implemented, but there has been no 3.2.0 release yet. We should probably see if we can make that happen. I’ve just been using SNAPSHOTs while I wait for DeltaSpike. It’s actually already implemented in DeltaSpike as well (I made sure to integrate it there as well, but I think there are a few other pieces of the security mechanism that are missing.)

Viewing 6 posts - 1 through 6 (of 6 total)

The forum ‘PrettyFaces Users’ is closed to new topics and replies.

Comments are closed.