Hi, MyFaces SecurityContext seems to be what you need.
http://myfaces.apache.org/sandbox/securityContext.html http://wiki.apache.org/myfaces/SecurityContext Regards Cagatay Civici On 5/24/07, Andrew Robinson <[EMAIL PROTECTED]> wrote:
I would recommend using the rendered flag to test. If you explicitly set the rendered value, it will never use the EL expression from the view since components always prefer non-null member values over value binding expressions (although Tom's example will work as long as you never try to use the rendered value binding on his "hasRole" tag) In the case of rendering, you can use EL functions (with facelets) to call functions to see if your user has the correct security. Also JBoss Seam has some nice JSF security features: http://docs.jboss.com/seam/1.2.1.GA/reference/en/html_single/#security On 5/24/07, Cort, Tom <[EMAIL PROTECTED]> wrote: > I ran into this problem a few days ago. I solved it by extending > UIComponentBase and UIComponentTag to create a hasRole tag. > > <blah:hasRole role="ADMIN"> > <h:outputText="#{bundle.TopSecretAdminMessage}"/> > </blah:hasRole> > > Here's the meat of the UIComponent.... > > public void encodeBegin(FacesContext context) throws IOException { > String role = (String)getAttributes().get("role"); > > if (JAASUtils.hasRole(role)) { > this.setRendered(true); > } else { > this.setRendered(false); > } > } > > I'm new to JSF, so I don't know if this is the best/correct approach but it > does work. If anyone has a better solution, I'd be happy to hear about it. > > -- > Tom Cort > Systems Developer > Vermont Department of Taxes > >
