aspose file tools*
The moose likes JSF and the fly likes RichFaces  phases manipulation Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSF
Bookmark "RichFaces  phases manipulation" Watch "RichFaces  phases manipulation" New topic
Author

RichFaces phases manipulation

Rami Hailat
Greenhorn

Joined: Nov 26, 2008
Posts: 20
Hi for you all ranchers,

I have to question about richfaces:
1 - i want a centrlized location some where in the Richfaces life cycle where i can read the compoenent tree, and set some properties for these compoenet like setting some of them visible and others invisible, or may be enable and disable some fields. can i implements aphase listner or somthing else to trace the rendering operation to add some modification on it ?

2- this is more simple than the first one as i want change some properties of a binded component and to reflect these changes immediatly to UI, i dont want to add a rerender attribuit on each compoenent to be rerendered when an action fires but rather to traverse the tree component and modify value and mirror these changes to UI

any help is appreciated.
and thank you again
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16250
    
  21

It sounds like you're trying to provide a complex solution to a problem that we routinely handle in a simple manner, and it sounds like you're expecting to be able to asynchronously update the browser view, which no HTTP framework can do (Java or otherwise). RichFaces can fake it by making undercover AJAX requests, but it's not the same thing as having the server simply volunteer updates, which the HTTP standard forbids.

To make a component display itself, use the "rendered=" attribute on the component. If you want to, you can put all the rendering tests in a single (centralized) backing bean. But in practice, that's likely to be an inflexible and cumbersome solution. Usually it's better to keep the system modular.


Customer surveys are for companies who didn't pay proper attention to begin with.
Rami Hailat
Greenhorn

Joined: Nov 26, 2008
Posts: 20
Thank you Tim for your response at least i found some one to write somthing, anyway what am trying to do is applying some securtiy and role based view using richfaces, this mean that the same jsp can have all its controls enbled for the administrator role,and some of thm disabled for a normal user.
so my problem can't be solved without travering the page component tree and playing properties of it, in orer to be rendered as our security module want.

if there is a simpler solution than this please shar it with me.
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16250
    
  21

Well, first of all, I use the built-in security system that J2EE provides. Here's why: http://www.mousetech.com/blog/?p=11

But I do in fact have a securityManager session backing bean in my currrent apps. Standard JSF doesn't provide tag-level security like Struts does. Besides, the J2EE security framework is just the starting point. For fine-grained security, a security object that leverages the built-in functions is a useful thing to have.

This is consistent with a modular webapp design. Security things go in the security bean, business things go in the various business beans, UI stuff goes in UI beans and they all get wired together in one big happy framework.

And I don't have to do arcane things with the component tree!
Rami Hailat
Greenhorn

Joined: Nov 26, 2008
Posts: 20
Tim, i try to use Java security i use JAAS but i think till now there is no J2EE web application security module from SUN, as JAAS does not support web application by its nature, so we flip into implementing our own security framework.

the problem is that our work needed to restrict each compoenent on each page and i dont think that there is any developed ad ready to use security module o use.
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16250
    
  21

There are JAAS security providers for webapps. For example: http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html#JAASRealm

J2EE's basic container-managed security system is - well, basic. It can ensure that a user is logged in and it can verify security roles, but it's not as fine-grained as direct JAAS.

On the other hand, the request.getUserPrincipal() method will return the validated userID, and that can be used as the key to access any sort of extended security system you want, including multiple sources (LDAP, Web Services, JAAS, and so forth).
Rami Hailat
Greenhorn

Joined: Nov 26, 2008
Posts: 20
Thank you Tim again, but i think we get far and far from our main point, if you state that my idea is wrong then why it is implementd by microsoft using the master page in visual studio 2005 and later, the master page allows for a centrlized access for all sub pages and its controls.
JSF and rich faces allow for accessing compoenent into pages, so why nor to exploit this feature.
if you have any idea please sharet with me please.
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16250
    
  21

You're using Microsoft as an example of how to do security???!!!
Rami Hailat
Greenhorn

Joined: Nov 26, 2008
Posts: 20
yes i use it as an example that this way is applicable, if you mind please let me know why ? why this word "Microsoft" make you angry please advice
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16250
    
  21

Seriously, aside from a poor choice of role models, that sounds like the old ASP approach to application design. I've never done webapps in .Net, but I would hope that they're now separating models, views and controllers. Putting all the logic in the View a la ASP is a quick-and-dirty solution and it doesn't scale very well..

That's why JSF is more complex than ASP. In exchange for more up-front work, you get a product that's easier to maintain at the Enterprise level. Otherwise we would have all stuck to basic JSP's.
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16250
    
  21

"Microsoft" doesn't make me angry, but they're just about the last place you want to look for examples of good security. New Windows security exploits arrive on an almost hourly basis.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: RichFaces phases manipulation