• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

RichFaces phases manipulation

 
Rami Hailat
Greenhorn
Posts: 20
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi for you all ranchers,

I have to question about richfaces:
1 - i want a centrlized location some where in the Richfaces life cycle where i can read the compoenent tree, and set some properties for these compoenet like setting some of them visible and others invisible, or may be enable and disable some fields. can i implements aphase listner or somthing else to trace the rendering operation to add some modification on it ?

2- this is more simple than the first one as i want change some properties of a binded component and to reflect these changes immediatly to UI, i dont want to add a rerender attribuit on each compoenent to be rerendered when an action fires but rather to traverse the tree component and modify value and mirror these changes to UI

any help is appreciated.
and thank you again
 
Tim Holloway
Saloon Keeper
Pie
Posts: 18212
53
Android Eclipse IDE Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
It sounds like you're trying to provide a complex solution to a problem that we routinely handle in a simple manner, and it sounds like you're expecting to be able to asynchronously update the browser view, which no HTTP framework can do (Java or otherwise). RichFaces can fake it by making undercover AJAX requests, but it's not the same thing as having the server simply volunteer updates, which the HTTP standard forbids.

To make a component display itself, use the "rendered=" attribute on the component. If you want to, you can put all the rendering tests in a single (centralized) backing bean. But in practice, that's likely to be an inflexible and cumbersome solution. Usually it's better to keep the system modular.
 
Rami Hailat
Greenhorn
Posts: 20
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thank you Tim for your response at least i found some one to write somthing, anyway what am trying to do is applying some securtiy and role based view using richfaces, this mean that the same jsp can have all its controls enbled for the administrator role,and some of thm disabled for a normal user.
so my problem can't be solved without travering the page component tree and playing properties of it, in orer to be rendered as our security module want.

if there is a simpler solution than this please shar it with me.
 
Tim Holloway
Saloon Keeper
Pie
Posts: 18212
53
Android Eclipse IDE Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Well, first of all, I use the built-in security system that J2EE provides. Here's why: http://www.mousetech.com/blog/?p=11

But I do in fact have a securityManager session backing bean in my currrent apps. Standard JSF doesn't provide tag-level security like Struts does. Besides, the J2EE security framework is just the starting point. For fine-grained security, a security object that leverages the built-in functions is a useful thing to have.

This is consistent with a modular webapp design. Security things go in the security bean, business things go in the various business beans, UI stuff goes in UI beans and they all get wired together in one big happy framework.

And I don't have to do arcane things with the component tree!
 
Rami Hailat
Greenhorn
Posts: 20
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Tim, i try to use Java security i use JAAS but i think till now there is no J2EE web application security module from SUN, as JAAS does not support web application by its nature, so we flip into implementing our own security framework.

the problem is that our work needed to restrict each compoenent on each page and i dont think that there is any developed ad ready to use security module o use.
 
Tim Holloway
Saloon Keeper
Pie
Posts: 18212
53
Android Eclipse IDE Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
There are JAAS security providers for webapps. For example: http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html#JAASRealm

J2EE's basic container-managed security system is - well, basic. It can ensure that a user is logged in and it can verify security roles, but it's not as fine-grained as direct JAAS.

On the other hand, the request.getUserPrincipal() method will return the validated userID, and that can be used as the key to access any sort of extended security system you want, including multiple sources (LDAP, Web Services, JAAS, and so forth).
 
Rami Hailat
Greenhorn
Posts: 20
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thank you Tim again, but i think we get far and far from our main point, if you state that my idea is wrong then why it is implementd by microsoft using the master page in visual studio 2005 and later, the master page allows for a centrlized access for all sub pages and its controls.
JSF and rich faces allow for accessing compoenent into pages, so why nor to exploit this feature.
if you have any idea please sharet with me please.
 
Tim Holloway
Saloon Keeper
Pie
Posts: 18212
53
Android Eclipse IDE Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You're using Microsoft as an example of how to do security???!!!
 
Rami Hailat
Greenhorn
Posts: 20
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
yes i use it as an example that this way is applicable, if you mind please let me know why ? why this word "Microsoft" make you angry please advice
 
Tim Holloway
Saloon Keeper
Pie
Posts: 18212
53
Android Eclipse IDE Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Seriously, aside from a poor choice of role models, that sounds like the old ASP approach to application design. I've never done webapps in .Net, but I would hope that they're now separating models, views and controllers. Putting all the logic in the View a la ASP is a quick-and-dirty solution and it doesn't scale very well..

That's why JSF is more complex than ASP. In exchange for more up-front work, you get a product that's easier to maintain at the Enterprise level. Otherwise we would have all stuck to basic JSP's.
 
Tim Holloway
Saloon Keeper
Pie
Posts: 18212
53
Android Eclipse IDE Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
"Microsoft" doesn't make me angry, but they're just about the last place you want to look for examples of good security. New Windows security exploits arrive on an almost hourly basis.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic