• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

On page load redirect

 
Mat Sergino
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello,

I would like to redirect ( on load page ) users on log-in-page when the are not logged in and when they try to access any of pages. When I type in url address of any of me pages I achieve access to resources without logging and this is the problem. I think I should check the session parameter from session bean on load page ... but I don't know how to do that ... Plase help!
 
rajanikanth bhagavan kanth
Ranch Hand
Posts: 78
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

You can use Filters for redirecting the page.

Regards
Bhagv
 
rajanikanth bhagavan kanth
Ranch Hand
Posts: 78
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

You can write one filter class for all jsps , in that filter you need to check that wether it is the valid session or not .if it is valid session redirect to corresponding jsp or else just redirect to the login or some other failure jsp.

Let me know if im not clear

Regards
Rajani Bhagavan
 
Tim Holloway
Saloon Keeper
Pie
Posts: 18098
50
Android Eclipse IDE Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Java EE - including J2EE - has built-in support for page redirection using container-managed authentication and authorization. By including the proper directives in your webapp's web.xml file, you can designate some or all of the URLs directed at your application to be subject to authentication and authorization.

If a URL requires authentication - meaning that the user is not presently logged in - the application server will place that URL request on hold and redirect to a login page, dialog, or other means of obtaining security credentials. Once/if the user has logged in successfully, the original URL request will be taken off hold and processed.

Over time, I've compiled a list of about 10 reasons why writing your own login and security code is an extremely bad thing to do. I highly recommend letting the Java EE framework do the job for you (yes, one of the 10 reasons is that you probably already have enough work to do anyway).

My experience has been that the Java EE container-based security system is sufficient for most apps, and can be extended easily to handle quite a few more. Rarely is it really necessary to invent your own security, and few people have done the job all that well from what I've seen.

If you absolutely insist on implementing your own security, filters are a good choice. Coding security directly into the application logic is not.
 
rajanikanth bhagavan kanth
Ranch Hand
Posts: 78
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Holloway,

I know only filter concept for this problem.May i know how can i configure this in web.xml.Can you please give me suggetions.


Regards,
Rajani Bhagavan
 
Bauke Scholtz
Ranch Hand
Posts: 2458
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Java EE 5 tutorial part VI chapter 30: http://java.sun.com/javaee/5/docs/tutorial/doc/bncas.html
 
rajanikanth bhagavan kanth
Ranch Hand
Posts: 78
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Bauke Scholtz,

Thankyou

Regards,
Bhagavan
 
Bauke Scholtz
Ranch Hand
Posts: 2458
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You're welcome.
 
Abiodun Adisa
Ranch Hand
Posts: 495
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Tim Holloway:
Java EE - including J2EE - has built-in support for page redirection using container-managed authentication and authorization. By including the proper directives in your webapp's web.xml file, you can designate some or all of the URLs directed at your application to be subject to authentication and authorization.

If a URL requires authentication - meaning that the user is not presently logged in - the application server will place that URL request on hold and redirect to a login page, dialog, or other means of obtaining security credentials. Once/if the user has logged in successfully, the original URL request will be taken off hold and processed.

Over time, I've compiled a list of about 10 reasons why writing your own login and security code is an extremely bad thing to do. I highly recommend letting the Java EE framework do the job for you (yes, one of the 10 reasons is that you probably already have enough work to do anyway).

My experience has been that the Java EE container-based security system is sufficient for most apps, and can be extended easily to handle quite a few more. Rarely is it really necessary to invent your own security, and few people have done the job all that well from what I've seen.

If you absolutely insist on implementing your own security, filters are a good choice. Coding security directly into the application logic is not.


Though i know how to do this using seam, i am yet to do this using plain JSF, please can you provide me with an article on this
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic