aspose file tools*
The moose likes JSF and the fly likes Customize UI components Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Java 8 in Action this week in the Java 8 forum!
JavaRanch » Java Forums » Java » JSF
Bookmark "Customize UI components" Watch "Customize UI components" New topic
Author

Customize UI components

Jana reddyMadam
Greenhorn

Joined: Oct 07, 2013
Posts: 3
I Would like to know if we can directly extend javax.faces.render.Renderer in such a way that all the components in our application should go through this component (filter) - so that we can modify some components based on some condition.

Ex: we want to apply the Security to existing application - where some of the buttons/links/tables for some users should be enabled/disabled based on some condition (data comes from other service).

So instead of changing all the backing beans .. to render the componnets - I would like to extend the Renderer and make sure all components rendering will happen through this.

Please Suggest.

Thanks
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 15662
    
  15

We don't have many rules here at the JavaRanch, but we do insist that you use your Real Name and not some sort of "handle" or obvious alias. If you're not sure about this, see
http://www.javaranch.com/name.jsp .


Customer surveys are for companies who didn't pay proper attention to begin with.
Jana reddyMadam
Greenhorn

Joined: Oct 07, 2013
Posts: 3
That's what my name is - I don't know what is the problem with my name.
E Armitage
Rancher

Joined: Mar 17, 2012
Posts: 761
    
    9
I honestly don't know if that would be worth the effort. You are unlikely to be doing more that just setting rendered attribute to may of them.
Also, given a component on a page, how would you know which role to check the access against? So what I'm asking is are you going to have a catalogue of which pages to check which security role against so the custom renderer knows what to check?

Better is to refactor the application pages to use use composites for the components that need protection. You then apply the security on the composite because you know what compiste it is so you know which roles to check againts and you then reuse that composite in various places in your application.
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 15662
    
  15

Of all the places to enforce security, render modules are one of the most questionable. Aside from everything else, one of the most effective ways to hack into a system is to ignore the UI stuff and brute-force jam in your own evil data.

Just as an aside, I can be heard frequently exhorting people NOT to invent their own security systems. Unless they are full-time security professionals, the results are typically very, very flimsy (as in my computer-illiterate kid sister can break in in 10 minutes or less). And the more elaborate the framework being implemented, the more security holes there will be.

The J2EE standard security framework is a very simple pre-designed, pre-debugged, industry-documentated basis that is quite sufficient for most web applications and can be easily augmented without violating its basic security operations.
Jana reddyMadam
Greenhorn

Joined: Oct 07, 2013
Posts: 3
Thank you!
 
 
subject: Customize UI components
 
Similar Threads
Spring-JSF
Authorization in JSF based on permission of a component
MyFaces - refresh and component disappears
JSF: component-family, component type and renderer relation.
How can I dynamically choose which component to use at render-time?