wood burning stoves 2.0*
The moose likes JSF and the fly likes JSF Login Solution Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Java » JSF
Bookmark "JSF Login Solution" Watch "JSF Login Solution" New topic

JSF Login Solution

Luciano A. Pozzo
Ranch Hand

Joined: Jun 20, 2005
Posts: 112
What's the best approach to authentication and authorization of the users on JSF?

I'm using Struts, so I cannot find the solution, because I was used to set the login object on the session and verify on Action... and with JSF I can't!

Sergey Smirnov
Ranch Hand

Joined: May 29, 2003
Posts: 167
Do the same with phaseListener. Register your phaseListener and check the login information on the Before Render Response phase. If the session bean that holds the user information is not initialized, redirect the page flow to the login page.

If you still miss the Struts way to go, it is an article about it:

Sergey : http://jsfTutorials.net
[ February 24, 2006: Message edited by: Sergey Smirnov ]
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 15959

Alternatively, you can use container-based authentication and define a login form in your web.xml.

The downside to this in JSF is that you can't set up lots of clever URL-based security rules, since JSF doesn't have as many distinct URLs as systems like Struts do.

Customer surveys are for companies who didn't pay proper attention to begin with.
I agree. Here's the link: http://aspose.com/file-tools
subject: JSF Login Solution
Similar Threads
How to prevent session timeout? How to keep user logged in?
Evaluating 2 expressions in JSF using JSTL if tag
for part 2 JSF or Struts or Both
login user at most once ?
JSF Login problem