All geek questions in one place

Noise from 2.0 to 2.1 (2.2)

I was curious what obstacles you encountered while porting my application from seam 2.0 to 2.1.

The obvious ones are mentioned in the: migration guide , but I ran into some rule-based security issues that are not mentioned here.

Firstly, I want to publish descriptions of my problems and my solutions with migration so that people can benefit (I did not find any solutions on the Internet) --- I will send it as an answer :)

Secondly, I would like to ask you what problems you have during the transfer and how you solved it, so it is located in one place on the Internet.

+3
source share
2 answers

, (. migration.txt Seam).

, . build.xml, . , , , libs -jars-ear/war.list. - , .

, 2.0 2.2.

+2

. 2.0 2.2 .

RuleBasedIdentity

RuleBasedIdentity RuleBasedPermissionResolver.

:

  If you are using rule-based security in your project, the configuration for the 
  security rules in components.xml has changed.  Previously, the rules were configured
  as a property of the Identity component as such:

    <security:identity security-rules="#{securityRules}" authenticate-method="#{authenticator.authenticate}"/>

  In Seam 2.1, rule-based permission checks are now carried out by the RuleBasedPermissionResolver,
  requiring that it is configured with the security rules instead of Identity:

    <security:rule-based-permission-resolver security-rules="#{securityRules}"/>

, RuleBasedIdentity (, ), RuleBasedPermissionResolver.instance().

PermissionCheck

, Object not String.

, :

c : PermissionCheck( name == 'fooHome' , action == "edit", granted == false )

:

c : PermissionCheck( target == 'fooHome' , action == "edit", granted == false )

, :

c : PermissionCheck( name matches "\w*List")

:

c : PermissionCheck( target.toString matches "\w*List")

Identity.hasPermission

Identity.hasPermissio(String name, String action, Object... args)

2.1 hasPermission PermissionCheck with name , , .

, Identity.hasPermission("fooHome", "edit", fooInstance) , :

rule foo
    when
    c : PermissionCheck( name == "fooHome", action == "edit")
    f : Foo()
    then
    ...
end

hasPermission :

 public boolean hasPermission(String name, String action, Object...arg)
     {      
        if (!securityEnabled) return true;
        if (systemOp != null && Boolean.TRUE.equals(systemOp.get())) return true;   
        if (permissionMapper == null) return false;

        if (arg != null)
        {
      return permissionMapper.resolvePermission(arg[0], action);
        }
        else
        {
      return permissionMapper.resolvePermission(name, action);
        }
     }

, , PermissionCheck. :

rule foo
  when
  f : Foo()
  c : PermissionCheck( target = f, action == "edit")

  then
   ...
end
+2

Source: https://habr.com/ru/post/1718727/

More articles:


All Articles