I am trying your example, I have some issues: I debugged the code and it seems that it actually checks the permissions everytime I try to load the page with hasPermission, from somewhere it hist the permission model table. BUT in only the case when it doesnot have any permission does it come into this permissionresovler and run the hasPermission method.

Like user 1 has permissions to update,list and add but does not have the permission to delete, now My page has permission on delete button only, so each time I try to load the page with delete button first it checks if the user has permission to delete (from somewhere) and if yes it doesn’t come into my hasPermission method, if it does not have permission then it comes into my hasPermission method to recheck.

So what I am trying to say is that it actually does check with DB and hits the permission table to retrieve the permission for the user at every point even after having this resolver. Which component is doing that is beyond my understanding.

Did you see this. Why is my resolver’s hasPermission method not the first one to kick in and some other class hits the db and only in one case does it come into my class. What could be wrong. I will really appreciate your help.

Syed…

Nie ma to jak sprawne oko! Dzięki za znalezienie tego błędu, bo faktycznie mógł on powodować poważne skutki, kod został poprawiony.

Nie ma sprawy – napiszę post o wywoływaniu i obsłudze zdarzeń w JBoss Seam, który będzie zawierał przykład użycia powyższych zdarzeń.