It's not a secret anymore!
The moose likes JSF and the fly likes JSF Login Solution Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSF
Bookmark "JSF Login Solution" Watch "JSF Login Solution" New topic

JSF Login Solution

Luciano A. Pozzo
Ranch Hand

Joined: Jun 20, 2005
Posts: 112
What's the best approach to authentication and authorization of the users on JSF?

I'm using Struts, so I cannot find the solution, because I was used to set the login object on the session and verify on Action... and with JSF I can't!

Sergey Smirnov
Ranch Hand

Joined: May 29, 2003
Posts: 167
Do the same with phaseListener. Register your phaseListener and check the login information on the Before Render Response phase. If the session bean that holds the user information is not initialized, redirect the page flow to the login page.

If you still miss the Struts way to go, it is an article about it:

Sergey :
[ February 24, 2006: Message edited by: Sergey Smirnov ]
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 17410

Alternatively, you can use container-based authentication and define a login form in your web.xml.

The downside to this in JSF is that you can't set up lots of clever URL-based security rules, since JSF doesn't have as many distinct URLs as systems like Struts do.

An IDE is no substitute for an Intelligent Developer.
I agree. Here's the link:
subject: JSF Login Solution
It's not a secret anymore!