« Two Sample Chapters from the Seam Book
Updated Source Code Download for the Book »

New Features in Seam 1.1.5

One and half month after Seam 1.1 release and 14,000 downloads later (yes, Seam is breaking 10k download per month), we are now releasing the latest and newest Seam 1.1.5. It has some very nice features not found in *any* web application framework out there. Here are some highlights.

The rule-based finely-grained security framework

Managed security is one of those "half measure solutions" in J2EE. The standard J2EE security works okay for the simplest authentication cases (i.e., to put part of the site complete behind a password protected wall). But more often than not, developer struggle hard to fight against the standard security schemes than using it.

In Seam 1.1.5, we provide a much better security model based on the JBoss Rules engine. You can have a very detailed set of rules to specify who is permitted to access which page, which UI element, which bean methods. Users are managed in groups and the permission meta data are easily expressed in annotations and JSF tags. It is a security solution for almost every use case a web application encounters. Here are some examples to show how to restrict access to methods, pages, and components based on the user's role.

PLAIN TEXT
XML:
  1. <!-- only users with "admin" role can view this page-->
  2. <page view-id="/reports.xhtml">
  3.   <restrict>#{s:hasRole('admin')}</restrict>
  4. </page>

PLAIN TEXT
JAVA:
  1. // Only logged in users with role "admin" can execute this method
  2. public class AccountAction {
  3.   @Restrict("#{s:hasRole('admin')}")
  4.    public void delete() {
  5.     // code
  6.   }
  7. }

PLAIN TEXT
XML:
  1. <!-- only users with "admin" role can see this UI component -->
  2. <h:outputLink action="#{reports.listManagerReports}"
  3.                     rendered="#{s:hasRole('admin')}">
  4. Manager Reports
  5. </h:outputLink>

PDF output

With the new PDF support, you can generate PDF documents, instead of XHTML pages, from Facelets view files. You can use the Seam stateful component model and JSF EL in the PDF. Just replace the XHTML component tags in regular web page with PDF tags, and you have a PDF output instead of a web page output. Extremely useful feature for sites that need to generate reports. Here is an example JSF page that outputs a PDF document with two chapters ...

PLAIN TEXT
XML:
  1. <p:document xmlns:p="http://jboss.com/products/seam/pdf"
  2.             title="Hello">
  3.  
  4.    <p:chapter number="1">
  5.       <p:title><p:paragraph>Hello</p:paragraph></p:title>
  6.       <p:paragraph>Hello #{user.name}!</p:paragraph>
  7.    </p:chapter>
  8.  
  9.    <p:chapter number="2">
  10.       <p:title><p:paragraph>Goodbye</p:paragraph></p:title>
  11.       <p:paragraph>Goodbye #{user.name}.</p:paragraph>
  12.    </p:chapter>
  13.  
  14. </p:document>

Template-based email support

Sending email from your web application is not hard but it can be a messy task. The developer has to embed email text in Java code -- a major source of poorly worded email messages from applications. In Seam 1.1.5, we provide a template based approach to handle email. You can get your page designer to write email as if it is a web page. Then from Seam, you can execute a method to render the email and send it out. Here is an example email as a JSF view page:

PLAIN TEXT
XML:
  1. <m:message xmlns="http://www.w3.org/1999/xhtml"
  2.            xmlns:m="http://jboss.com/products/seam/mail"
  3.            xmlns:h="http://java.sun.com/jsf/html">
  4.  
  5.   <m:from name="Peter" address="peter@example.com" />
  6.   <m:to name="#{person.firstname} #{person.lastname}">#{person.address}</m:to>
  7.   <m:subject>Try out Seam!</m:subject>
  8.  
  9.   <m:body>
  10.     <p><h:outputText value="Dear #{person.firstname}" />,</p>
  11.     <p>You can try out Seam by visiting
  12.     <a href="http://labs.jboss.com/jbossseam">http://labs.jboss.com/jbossseam</a>.</p>
  13.     <p>Regards,</p>
  14.     <p>Peter</p>
  15.   </m:body>
  16. </m:message>

And here is the code to actually send out the email to #{person.address}

PLAIN TEXT
JAVA:
  1. @In(create=true)
  2. private Renderer renderer;
  3.  
  4. public void send() {
  5.   try {
  6.   renderer.render("/simple.xhtml");
  7.   facesMessages.add("Email sent successfully");
  8.   } catch (Exception e) {
  9.   facesMessages.add("Email sending failed: " + e.getMessage());
  10.   }
  11. }

Rich text support

Rich text support is a much needed feature in many web applications. But how do you trust rich text input from users? Obviously, you cannot allow them to enter arbitary HTML text as it opens up many security issues. Wiki text, on the other hand, is an excellent alternative. Seam 1.1.5 provide a UI component to convert wiki text from your database to HTML displays on a page on the fly. Nice feature if you are building a community oriented (a.k.a web 2.0) web site.

New JSF controls

Examples include <s:selectItems>, <s:selectDate>, and <s:fileUpload> etc.

WebSphere 6.1 compatible

From Seam 1.1.5, we will support Seam on the latest WebSphere application server. It may not sound like a big deal since we already support Seam on WebLogic, Tomcat, and Sun AS. But WebSphere is a beast that requires its own proprietary JDK to run -- it is a big deal that Seam works just fine on WebSphere 6.1 :)

This entry was posted on Thursday, February 1st, 2007 at 10:34 am and is filed under java, seam. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

14 Responses to “New Features in Seam 1.1.5”

  1. Aswin Nair Says:
    February 1st, 2007 at 3:03 pm

    Cool. Always liked the works of Gavin King and the team. Hibernate and Seam are just too good. Will download and try out a few sample use cases on security and email for sure. Do you have examples of the support for j2ee in Seam 1.1.5?

  2. Gavin Says:
    February 1st, 2007 at 4:45 pm

    Michael, you should also tell ‘em about the instance-level security stuff, the ability to write security rules that take into account the actual state of the instance being authorized, and its relationship to the current principal…

  3. paolo Says:
    February 1st, 2007 at 6:02 pm

    seam is getting cooler and cooler.
    excellent work, guys!

  4. Michael Yuan Says:
    February 1st, 2007 at 6:13 pm

    Michael, you should also tell ‘em about the instance-level security stuff, the ability to write security rules that take into account the actual state of the instance being authorized, and its relationship to the current principal…

    That would be the topic of my next post — after I understand this stuff better myself! :)

  5. Rory Sandoval Says:
    February 1st, 2007 at 6:23 pm

    Seam Framework, will be the next “big” thing on the Java Server side….

    Outstanding work guys…

    Keep it doing like that.

    Congrats,
    From Santa Cruz, Bolivia

  6. deflate » Blog Archive » Seam 1.1.5 is out! Says:
    February 1st, 2007 at 8:02 pm

    [...] JBoss Seam 1.1.5 is out with lots of improvements! Check the Changelog for more info as well as Michael Yuan’s blog for the new features in 1.1.5. [...]

  7. ServerSide » Blog Archive » JBoss Seam 1.1.5GAリリース Says:
    February 1st, 2007 at 8:21 pm

    [...] Michael Yuanのブログにもう少し詳しい解説があります。またYuanが書いた書籍が(英語ですが)もうすぐ発売されます。これでSeamに弾みがつくのではないでしょうか。こちらも楽しみですね。 Java, Java EE, News seam人気指数: 1% [...]

  8. Petr Ferschmann Says:
    February 2nd, 2007 at 4:45 am

    Hello,

    I usually prefer to have one source of permissions definition. So if I write this I must keep consistent the URL links and the page (or action).

    I would really prefer something like:

    <h:outputLink action="#{reports.listManagerReports}" rendered="#{s:canAccess('reports.listManagerReports')}">
    Manager Reports
    </h:outputLink>

    or easier for user but harder to implement in EL functions:


    <h:outputLink action="#{reports.listManagerReports}" rendered="#{s:canAccess()}">
    Manager Reports
    </h:outputLink>

    Anyway thanks for the Seam.

  9. Niklas Says:
    February 2nd, 2007 at 9:33 am

    Is it possible to use Seam’s PDF templates in a portlet application?

  10. Ken Says:
    February 2nd, 2007 at 11:53 am

    Just wonder what are the pros/cons of seam 1.1.5 comparing with appfuse 1.9.4 for RAD?

  11. Clinckart Says:
    February 12th, 2007 at 12:51 pm

    Hi,

    I discover seam today.
    I should like to know if seam is an independent framework that can be used without jBoss.

    Will it run on a “simple” Tomcat container?

    Thanks.

    Stephane Clinckart

  12. Michael Yuan Says:
    February 12th, 2007 at 1:19 pm

    Hi Stephane,

    Yes, Seam runs outside of JBoss AS. It runs on simple Tomcat, Glassfish, as well as Weblogic and WebSphere.

    cheers
    Michael

  13. Amir Hussein Says:
    August 4th, 2007 at 8:50 am

    Hi,
    Cool!
    I have a question. We are developing a DMS. We use JSF & Spring and I’m looking a JSF that make ease sending and receiving emails.
    Not mail server , a nice handy JSF component. ;)
    I found seam but do u think seam is suitable for our case because I was googling too much but I can’t find any other JSF component that implemented mailing.
    Thanks.

  14. Vikas Says:
    May 27th, 2008 at 11:07 am

    Michael,

    I’m struggling with seam security on websphere 6.1 for a few days and I would appreciate your input. I’m not using seam directly, I’m using JBoss Rules BRMS application which uses Seam. I’m trying to enable JAAS security. When I try to use the following:
    . I see the issues listed on the following page:
    http://article.gmane.org/gmane.comp.java.drools.user/10095/match=jaas+config+name+wslogin

    If I try to use jaas-config-name=”DEFAULT” or “WEB_INBOUND”. I get LoginExecption with error message “No LoginModules configured for WEB_INBOUND” .

    Any ideas ? Were you guys able to make seam security work with WAS 6.1 ?

    Thanks in advance for your help.

    Thanks,
    Vikas

Leave a Reply