File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
Win a copy of Clojure in Action this week in the Clojure forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Login error in JSF 1.2

 
Skanda Raman
Ranch Hand
Posts: 205
Spring
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have a requirement to develop and form based login module using JSF 1.2. However, I am unable to understand like how to specify the success page in the navigation case. Below code snippet would help in understanding the issue. I am using Tomcat server for development.



If I access any protected resource like myhome.faces, initially I am pointed to login.faces to enter username and password and once authenticated I will be landed to myhome.jsp page. However, in case I enter wrong credentials, since I pointed it again back to login.faces with error as query string, I am landed to same page displaying error message. Below us my login.jsp



When I enter invalid credentials on url (http://localhost:8080/sampleapps/login.faces), it is directed to below URL with error message.

http://localhost:8080/sampleapps/j_security_check

Below are my questions. Please help me.
1. In case of error credentials, I am directed to http://localhost:8080/sampleapps/j_security_check with error message, again when entering correct credentials, I am directed back to login.faces and not to index.faces.
2. I am using JSF 1.2. how can I direct to success page or failure page in this scenario as it is done in springs/struts.

 
Tim Holloway
Saloon Keeper
Pie
Posts: 17622
39
Android Eclipse IDE Linux
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
When you use the J2EE Container-Managed security subsystem, you do not "Develop a login module". The "login module" is an integral part of the web application server. There are No User Servicable Parts inside. That is a large part of why it is so secure.

There isn't much point in attempting to write the login or loginfail pages in JSF, because of this. In many cases, the web application server cannot properly manage login or welcome pages in JSF in any event, since those pages do not have an actual external URL (j_security_check, for example, does not target a resource, it simply maintains the login conversation). And more critically, the webapp server (container) may not support routing such requests through the FacesServlet. Container-dispatched web pages work best when they are straight HTML or simple JSP.

Login in the J2EE security system does not support a post-login page, and I'm actually glad it does not, since a lot of times I bookmark critical URLs and I have no patience with navigating a lot of useless stuff if what I want is located at a specific bookmarkable URL. The J2EE container system will intercept requests to those URLs, and present a login screen if I am not already logged in, then proceed to send me directly to the page I want.
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic