-
FEATURED COMPONENTS
First time here? Check out the FAQ!
Hi there,
i am using zk 6 in my web app. as soon as i add some includes in my index.zul my security policy starts going weird.
Detail:
I use a jboss7 and ejb3 as business architecture. From a session bean i let inject the session context, which i am using to print out the user. This works fine like the console prints
14:33:53,028 INFO [stdout] (http--0.0.0.0-8080-1) sa
when i am logged in as the user "sa" and changes when i log in with another user.
But as soon as i have a include tag in my zul i get the output
14:33:57,035 INFO [stdout] (Thread-70) sa
so...it's from a different thread. when i am logging out now and log in as another user ("oe" in this case) i get
14:37:18,643 INFO [stdout] (http--0.0.0.0-8080-5) oe
but as soon as i am using any musiness method i get the first user again...
14:37:18,807 INFO [stdout] (Thread-76) sa
this happens only with includes in it. what the hell is going on? is there any attribute which can be set to avoid this?
Hi again,
in the included zul files start with window tags again, so they have their own id space. if i use hbox instead of window, for instance, everything works fine again.
1st question: is it possible to disable the space-owner property of window? 2nd question: why do i get the error in my inital post? My weblayer is secured by configuring web.xml like
<web-resource-collection>
<web-resource-name>User Auth</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>webclient</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>User Auth</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>webclient</role-name>
</security-role>
why do i get multiple security subjects in web layer? even worse: i get the subjects from any other user...
Asked: 2013-10-31 13:42:09 +0800
Seen: 6 times
Last updated: Nov 04 '13