Meaningless Drivel is fun!*
The moose likes JSF and the fly likes On page load redirect Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » JSF
Bookmark "On page load redirect " Watch "On page load redirect " New topic
Author

On page load redirect

Mat Sergino
Greenhorn

Joined: Dec 04, 2008
Posts: 3
Hello,

I would like to redirect ( on load page ) users on log-in-page when the are not logged in and when they try to access any of pages. When I type in url address of any of me pages I achieve access to resources without logging and this is the problem. I think I should check the session parameter from session bean on load page ... but I don't know how to do that ... Plase help!
rajanikanth bhagavan kanth
Ranch Hand

Joined: May 20, 2008
Posts: 78
Hi,

You can use Filters for redirecting the page.

Regards
Bhagv
rajanikanth bhagavan kanth
Ranch Hand

Joined: May 20, 2008
Posts: 78
Hi,

You can write one filter class for all jsps , in that filter you need to check that wether it is the valid session or not .if it is valid session redirect to corresponding jsp or else just redirect to the login or some other failure jsp.

Let me know if im not clear

Regards
Rajani Bhagavan
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 15950
    
  19

Java EE - including J2EE - has built-in support for page redirection using container-managed authentication and authorization. By including the proper directives in your webapp's web.xml file, you can designate some or all of the URLs directed at your application to be subject to authentication and authorization.

If a URL requires authentication - meaning that the user is not presently logged in - the application server will place that URL request on hold and redirect to a login page, dialog, or other means of obtaining security credentials. Once/if the user has logged in successfully, the original URL request will be taken off hold and processed.

Over time, I've compiled a list of about 10 reasons why writing your own login and security code is an extremely bad thing to do. I highly recommend letting the Java EE framework do the job for you (yes, one of the 10 reasons is that you probably already have enough work to do anyway).

My experience has been that the Java EE container-based security system is sufficient for most apps, and can be extended easily to handle quite a few more. Rarely is it really necessary to invent your own security, and few people have done the job all that well from what I've seen.

If you absolutely insist on implementing your own security, filters are a good choice. Coding security directly into the application logic is not.


Customer surveys are for companies who didn't pay proper attention to begin with.
rajanikanth bhagavan kanth
Ranch Hand

Joined: May 20, 2008
Posts: 78
Hi Holloway,

I know only filter concept for this problem.May i know how can i configure this in web.xml.Can you please give me suggetions.


Regards,
Rajani Bhagavan
Bauke Scholtz
Ranch Hand

Joined: Oct 08, 2006
Posts: 2458
Java EE 5 tutorial part VI chapter 30: http://java.sun.com/javaee/5/docs/tutorial/doc/bncas.html
rajanikanth bhagavan kanth
Ranch Hand

Joined: May 20, 2008
Posts: 78
Hi Bauke Scholtz,

Thankyou

Regards,
Bhagavan
Bauke Scholtz
Ranch Hand

Joined: Oct 08, 2006
Posts: 2458
You're welcome.
Abiodun Adisa
Ranch Hand

Joined: Jan 17, 2002
Posts: 495
Originally posted by Tim Holloway:
Java EE - including J2EE - has built-in support for page redirection using container-managed authentication and authorization. By including the proper directives in your webapp's web.xml file, you can designate some or all of the URLs directed at your application to be subject to authentication and authorization.

If a URL requires authentication - meaning that the user is not presently logged in - the application server will place that URL request on hold and redirect to a login page, dialog, or other means of obtaining security credentials. Once/if the user has logged in successfully, the original URL request will be taken off hold and processed.

Over time, I've compiled a list of about 10 reasons why writing your own login and security code is an extremely bad thing to do. I highly recommend letting the Java EE framework do the job for you (yes, one of the 10 reasons is that you probably already have enough work to do anyway).

My experience has been that the Java EE container-based security system is sufficient for most apps, and can be extended easily to handle quite a few more. Rarely is it really necessary to invent your own security, and few people have done the job all that well from what I've seen.

If you absolutely insist on implementing your own security, filters are a good choice. Coding security directly into the application logic is not.


Though i know how to do this using seam, i am yet to do this using plain JSF, please can you provide me with an article on this
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: On page load redirect
 
Similar Threads
Session Management
problem with Browser's back button
session timeout implementation
help with jsp redirection after timeout
LDAP authentication + filter + redirect = mess