[EXTCDI-229] Optional SecurityViolationHandler - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 1.0.1
Fix Version/s: 1.0.2
Component/s: Core, JEE-JSF12-Module, JEE-JSF20-Module
Labels:
None

Description

I use @Secured with a custom AccessDecisionVoter checking if a user is logged in. If the user is not logged in I only want to redirect to the login page. Currently it is not possible to do this without creating a message in the FacesContext.

As discussed with Gerhard, a simple solution for this would be an optional SecurityViolationHandler. If there is a bean for this type, it is used to handle SecurityViolation instances created in the voter. If not, the default behavior (adding messages to the facesContext) should be used.

Attachments

Activity

People

Assignee:: Gerhard Petracek

Reporter:: Michael Kurz

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 27/Sep/11 13:05

Updated:: 06/Dec/11 07:11

Resolved:: 27/Sep/11 13:13