use of org.apache.deltaspike.security.api.authorization.SecurityViolation in project deltaspike by apache.
the class LoggedInAccessDecisionVoter method checkPermission.
@Override
protected void checkPermission(AccessDecisionVoterContext context, Set<SecurityViolation> violations) {
if (identity.isLoggedIn()) {
// no violations, pass
} else {
violations.add(new SecurityViolation() {
@Override
public String getReason() {
return "User must be logged in to access this resource";
}
});
// remember the requested page
deniedPage = viewConfigResolver.getViewConfigDescriptor(FacesContext.getCurrentInstance().getViewRoot().getViewId()).getConfigClass();
}
}
use of org.apache.deltaspike.security.api.authorization.SecurityViolation in project deltaspike by apache.
the class SecurityUtils method addViolationsAsMessage.
private static void addViolationsAsMessage(Set<SecurityViolation> violations) {
String message;
for (SecurityViolation violation : violations) {
//TODO discuss it (with CODI handling such messages was easier)
message = violation.getReason();
if (!isMessageAddedAlready(message)) {
FacesMessage facesMessage = new FacesMessage(FacesMessage.SEVERITY_ERROR, message, message);
FacesContext.getCurrentInstance().addMessage(null, facesMessage);
}
}
}
Aggregations