i am trying to use a phase listener for authorization in my jsf web application. the phase listener works fine that he redirect to the login page if the user visit a protected side or let the user go for a public side. but that's all, he just redirect or not.
my actual problem is that i don't know how to let the phase listener recognize that the user is signed in and which name or which role he has. i need a "isLoggedIn" method in my phase listener, but i don't know how to get these information of username and role. i have a loginBean which is used by my login.jsp. the login method of this bean checks if it can find the given username in a database and checks the given password, if that all works fine the method return "succes" for the navigation-role.
how can i get the phase listener to know that the user just signed in? what's there to do in my LoginBean?
here is my code.
return of loggedIn is false for testing the redirect.
that's my LoginBean:
how can i put these things together? hope someone can help me!
You could also go on with what you started, doing the following:
- when the user logs in, you keep his/her credentials (e.g. an instance of the LoginBean) in the session
- in the filter you check if the LoginBean instance is present in the session and depending on that, you forward to the right page