This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
I am trying j_security_check in JSF Appplication. But i am getting following exception when i click on Login button of login.jsp
Here is the code :
if i am trying to access any other jsp form the application,the container forward the request to login.jsp ..but throwing following exception
if i access login.jsp then i can see the login page...but if i click on Login button..i am getting same exception
The login process doesn't go through the normal dispatching channels for J2EE. The login page isn't (and CAN'T be) explicitly invoked by a URL. Instead, it's referenced directly by the webapp server as an internal resource.
As a result, there's no real guarantee that a login page that depends on a servlet-based framework such as JSF or Struts will be routed through their respective controller servlets. And since the FacesContext is created on a per-request basis by the FacesServlet, anything that doesn't go through FacesServlet will fail.
You have an even bigger problem, however. Like I said, the login page is invoked by the webapp server. That means that the webapp server is handling the login, not your application. You cannot invoke a custom login function using JSP, JSF, etc.. All the login/loginfail pages do is present a place to input userid and password. When you click the submit button, these 2 fields are then passed to the appserver's internal login function where it will validate the credentials and set up the J2EE security context (UserPrincipal and related objects). Or present the loginfail page if the userid/password weren't valid.
An IDE is no substitute for an Intelligent Developer.