File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes JSF and the fly likes Confusing with JSF redirect Big Moose Saloon
  Search | Java FAQ | Recent Topics
Register / Login


Win a copy of The Mikado Method this week in the Agile and other Processes forum!
JavaRanch » Java Forums » Java » JSF
Reply Bookmark "Confusing with JSF redirect" Watch "Confusing with JSF redirect" New topic
Author

Confusing with JSF redirect

Andus Chan
Greenhorn

Joined: Apr 15, 2011
Posts: 7
posted
0
Quote
My JSF 2.0 web app is executed under a corporate portal (novell). I've a login page to get one HTTP header, and if found, it will be redirected to a restricted page inside. (using: home?faces-redirect=true)

However, the URL is like https://corporate.portal/MYAPP/home.xhtml. I don't know why it cannot show http://myserver/MYAPP/home.xhtml. How can JSF go to an absolute path after logged-in?

Another problem is that, whenever it redirects to another JSF page, the I.E. browser shows warning "This page contains both secure and nonsecure items. Do you want to display the nonsecure items?" I cannot control users' browser so I've already tried self-signed certificate on the server, but it is the same. How can JSF redirect to a home page in my server without showing the warning? (note: The web apps on the portal developed by .NET vendors do not have such problem!)

Thanks in advance!
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 14468
    
    7

I like...
Android Eclipse IDE Linux
posted private message
0
Quote
Actually, "home.xhtml" is a resource. The URL would more commonly be something like https://corporate.portal/MYAPP/home.jsf JSF (and Facelets) would then deconstruct the URL in order to locate the View resource, then employ that resource (home.xhtm) to construct the HTML page view.

You can redirect a URL to either an absolute or relative path. If you want to build an absolute path from a relative URL, you can use J2EE functions to get the components of the incoming request URL and steal the parts needed to make your outgoing URL absolute.

The message about "both secure and nonsecure items" has to do with the sub-URLs on the displayed page such as images, CSS and JavaScript. It's saying that at least one of them is "http" instead of "https". Since HTTP is a clear text protocol, a man-in-the-middle attacker could potentially replace the proper content with a malware-infected equivalent, thereby defeating the advantages of having sent the enclosing page via a secure protocol. This is not a JSF issue, it's an HTML page design issue.

Customer surveys are for companies who didn't pay proper attention to begin with.
Andus Chan
Greenhorn

Joined: Apr 15, 2011
Posts: 7
posted
0
Quote
I don't know the difference between these 2 kinds of code inside the backing bean. Will the first one goes to an absolute path, while the second one goes to relative path? Any other methods to do page redirect using JSF 2.0?



By the way, what's the major problem when I set the *.xhtml in the <url-pattern> of web.xml?
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Confusing with JSF redirect
 
Similar Threads
secure nonsecure warning in IE
jsessionid always appended to urls on first request
Removing warning message for nonsecure items
Secure and nonsecure items warning. CSS Trouble?
secure nonsecure warning