1

we are using PicketLink 2.7 in an EE7 CDI/JSF app with Wildfly.

According to the PicketLink documentation there are some EL methods like #{hasRole('ROLE_NAME')}. When we try to use these in an JSF page 

<ui:fragment rendered="#{hasRole('ROLE_NAME')}">

we get

Caused by: javax.el.ELException: Function 'hasRole' not found

When we use the EL expression on a CDI bean with

@Restrict("#{hasRole('ROLE_NAME')}")
public void doWhatEver(){}

It works fine (throwing an exception when it doesn't have the role).

So the PicketLink interceptor is configured in beans.xml, we use the uber dependency for PicketLink in the pom file. What are we missing?

The methods are provided by org.picketlink.internal.el.ELFunctionMethods as far as I can make out:

    public static boolean hasRole(String roleName)
Checks if an authenticated user is granted with a role with the given name.

This method requires that valid ELEvaluationContext associated with the current invation thread.
Ben
  • 1,922
  • 3
  • 23
  • 37

1 Answers1

0

The EL expressions defined by PicketLink are not available in JSF context. I was facing the same problem and decided to use an @ApplicationScoped bean with the needed methods:

@Named("auth")
@ApplicationScoped
public class AuthorizationManager {
    @Inject Identity identity;
    @Inject PartitionManager partitionManager;

    public void hasRole(String roleName) {
        return AuthorizationUtil.hasRole(identity, this.partitionManager, roleName);
    }
}

Then you can use it in JSF like:

<ui:fragment rendered="#{auth.hasRole('ROLE_NAME')}">
Georg Leber
  • 3,470
  • 5
  • 40
  • 63