look to https://www.owasp.org/index.php/Java_Server_Faces
it is still in review stage but you can find some hits. 2007/5/25, Josué Alcalde González <[EMAIL PROTECTED]>:
El jue, 24-05-2007 a las 10:33 -0700, bansi escribió: > > > > > Wondering how to secure views in JSF. > My JSF backing bean has access to user Roles populated from the > database. > All i am doing now is using rendered attribute to display or not to > display > Fields on the Form based on the user Roles > Any pointers/suggestions will be highly appreciated > I am using rendered too, and a loginBean in session scope with simple functions. I am also using a PhaseListener for pages with aren't allow for some roles, where I can redirect changing the viewId to another page.
-- ::SammyRulez:: http://www.kyub.com/blog/ ----------------------------------------------------------------- La programmazione è per un terzo interpretazione e per due terzi ispirazione. E per un terzo mistificazione
